
Thursday, April 10, 2014

CCNP ROUTE: 19. OSPF virtual links

OSPF area design requires the use of a backbone area, area 0, with each area connecting to area 0 through an ABR.
However, in some cases two backbone areas exist; in other cases, a nonbackbone area may not have a convenient point of connection to the backbone area.

Each area should be contiguous, and each nonbackbone area should connect to the backbone area through an ABR.

An OSPF virtual link allows two ABRs that connect to the same nonbackbone area to form a neighbor relationship through that nonbackbone area, even when separated by many other routers and subnets.
This virtual link acts like a virtual point-to-point connection between the two routers, with that link inside area 0.
The routers form a neighbor relationship, inside area 0, and flood LSAs over that link.

To define the virtual link, each router configures the other router’s RID and a reference to the area through which the virtual link passes.
The two routers send the usual OSPF message types, encapsulated inside unicast IP packets, with a destination IP address of the router on the other end of the virtual link.

The ABRs connected over a virtual link act mostly like any other ABR, with a couple of differences:
-First, the ABRs send all OSPF messages as unicasts to the IP address of the router on the other end of the link.
-Second, the routers mark the Do Not Age (DNA) bit in the LSAs, meaning that routers on the other side of the virtual link will not expect the LSAs to be reflooded over the virtual link on the usual 30-minute refresh interval.
This helps reduce overhead over the virtual link, which often runs over slower links and less-powerful routers.
The router also assigns an OSPF cost to the virtual link, just as it would for an interface.

A. Configuring OSPF virtual links with no authentication

Key configuration options on the area virtual-link router subcommand:

■ The remote-RID in the "area area-num virtual-link remote-RID" command refers to the other router’s RID.
■ The area-num in the "area area-num virtual-link remote-RID" command refers to the transit area over which the packets flow between the two routers.
■ The transit area over which the two routers communicate must not be a stubby area.
■ The optional configuration of OSPF neighbor authentication parameters, normally configured as interface subcommands, must be configured as additional parameters on the area virtual-link command.
■ The optional configuration of Hello and Dead intervals, normally configured as interface subcommands, must be configured as additional parameters on the "area virtual-link" command.
■ The router assigns the virtual link an OSPF cost as if it were a point-to-point link.
  The router calculates the cost as the cost to reach the router on the other end of the link, as calculated using the transit area’s LSDB.

For configuring an OSPF virtual link, R14 and Area 99 were added to the figure. The link between R13 and R14 has been included in OSPF Area 1. The stub setting for Area 1 has been removed on both R2 and R13.

R2#show run | s ospf    
router ospf 1
 router-id 2.2.2.2
 log-adjacency-changes
 network 192.168.0.0 0.0.0.7 area 0
 network 192.168.168.0 0.0.0.3 area 1

R13#show run | s ospf
router ospf 1
 router-id 13.13.13.13
 log-adjacency-changes
 network 192.168.168.0 0.0.0.3 area 1
 network 192.168.169.0 0.0.0.255 area 1
 network 192.168.192.0 0.0.0.3 area 1

R14#show run | s ospf
router ospf 1
 router-id 14.14.14.14
 log-adjacency-changes
 network 192.168.99.0 0.0.0.255 area 99
 network 192.168.192.0 0.0.0.3 area 1

R2(config)#router ospf 1
R2(config-router)#area 1 virtual-link 14.14.14.14

R14(config)#router ospf 1
R14(config-router)#area 1 virtual-link 2.2.2.2

A FULL neighborship is formed in Area 0, using interface OSPF_VL0:

R2#
*Mar  1 01:12:32.663: %OSPF-5-ADJCHG: Process 1, Nbr 14.14.14.14 on OSPF_VL0 from LOADING to FULL, Loading Done

R14#
*Mar  1 00:16:18.311: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on OSPF_VL0 from LOADING to FULL, Loading Done

R2#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
14.14.14.14       0   FULL/  -           -        192.168.192.2   OSPF_VL0
1.1.1.1           1   FULL/DROTHER    00:00:32    192.168.0.1     FastEthernet0/0
3.3.3.3           1   FULL/DR         00:00:38    192.168.0.3     FastEthernet0/0
13.13.13.13       1   FULL/DR         00:00:35    192.168.168.2   FastEthernet0/1

R14#show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/  -           -        192.168.168.1   OSPF_VL0
13.13.13.13       1   FULL/DR         00:00:37    192.168.192.1   FastEthernet0/0

R2#show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 14.14.14.14 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 1, via interface FastEthernet0/1, Cost of using 20
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:08
    Adjacency State FULL (Hello suppressed)
    Index 3/4, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec

R14#show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 2.2.2.2 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 1, via interface FastEthernet0/0, Cost of using 20
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:01
    Adjacency State FULL (Hello suppressed)
    Index 1/2, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec

Now both routers should have identical Area 0 LSDBs, with the LSAs learned over the virtual link marked DNA:

R2#show ip ospf database

            OSPF Router with ID (2.2.2.2) (Process ID 1)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         645         0x80000005 0x00AC60 8
2.2.2.2         2.2.2.2         375         0x80000005 0x0005C7 2
3.3.3.3         3.3.3.3         646         0x80000004 0x004160 2
4.4.4.4         4.4.4.4         624         0x80000004 0x005C37 2
5.5.5.5         5.5.5.5         660         0x80000004 0x00A0E2 2
9.9.9.9         9.9.9.9         660         0x80000004 0x00094F 2
14.14.14.14     14.14.14.14     1     (DNA) 0x80000002 0x0090E6 1

                Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
192.168.0.3     3.3.3.3         646         0x80000003 0x006C3E

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.0.1.1        9.9.9.9         660         0x80000003 0x00DE2C
10.0.1.2        9.9.9.9         660         0x80000003 0x005772
10.0.1.3        9.9.9.9         670         0x80000003 0x004D7B
10.0.10.10      9.9.9.9         670         0x80000003 0x00AD0A
10.0.11.11      9.9.9.9         670         0x80000003 0x00981D
192.168.3.0     9.9.9.9         670         0x80000003 0x00F5AD
192.168.33.33   9.9.9.9         670         0x80000003 0x007BE4
192.168.99.99   14.14.14.14     6     (DNA) 0x80000001 0x0015BE
192.168.168.0   2.2.2.2         647         0x80000003 0x00AA6F
192.168.168.0   14.14.14.14     6     (DNA) 0x80000001 0x00A938
192.168.169.170 2.2.2.2         1031        0x80000001 0x001557
192.168.169.170 14.14.14.14     6     (DNA) 0x80000001 0x00AB90
192.168.192.0   2.2.2.2         944         0x80000001 0x000AEF
192.168.192.0   14.14.14.14     6     (DNA) 0x80000001 0x003C97

R14#show ip ospf database

            OSPF Router with ID (14.14.14.14) (Process ID 1)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         271   (DNA) 0x80000005 0x00AC60 8
2.2.2.2         2.2.2.2         1     (DNA) 0x80000005 0x0005C7 2
3.3.3.3         3.3.3.3         271   (DNA) 0x80000004 0x004160 2
4.4.4.4         4.4.4.4         249   (DNA) 0x80000004 0x005C37 2
5.5.5.5         5.5.5.5         285   (DNA) 0x80000004 0x00A0E2 2
9.9.9.9         9.9.9.9         285   (DNA) 0x80000004 0x00094F 2
14.14.14.14     14.14.14.14     419         0x80000002 0x0090E6 1

                Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
192.168.0.3     3.3.3.3         271   (DNA) 0x80000003 0x006C3E

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.0.1.1        9.9.9.9         285   (DNA) 0x80000003 0x00DE2C
10.0.1.2        9.9.9.9         285   (DNA) 0x80000003 0x005772
10.0.1.3        9.9.9.9         285   (DNA) 0x80000003 0x004D7B
10.0.10.10      9.9.9.9         285   (DNA) 0x80000003 0x00AD0A
10.0.11.11      9.9.9.9         285   (DNA) 0x80000003 0x00981D
192.168.3.0     9.9.9.9         285   (DNA) 0x80000003 0x00F5AD
192.168.33.33   9.9.9.9         285   (DNA) 0x80000003 0x007BE4
192.168.99.99   14.14.14.14     429         0x80000001 0x0015BE
192.168.168.0   2.2.2.2         263   (DNA) 0x80000003 0x00AA6F
192.168.168.0   14.14.14.14     429         0x80000001 0x00A938
192.168.169.170 2.2.2.2         646   (DNA) 0x80000001 0x001557
192.168.169.170 14.14.14.14     429         0x80000001 0x00AB90
192.168.192.0   2.2.2.2         559   (DNA) 0x80000001 0x000AEF
192.168.192.0   14.14.14.14     429         0x80000001 0x003C97

Router R13 is not part of Area 0 (unlike R14, which joins it through the virtual link), so it has no Area 0 LSAs:

R13#show ip ospf database

            OSPF Router with ID (13.13.13.13) (Process ID 1)

                Router Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum Link count
2.2.2.2         2.2.2.2         589         0x80000008 0x005294 1
13.13.13.13     13.13.13.13     1153        0x80000009 0x0067EB 3
14.14.14.14     14.14.14.14     589         0x80000003 0x00DE7C 1

                Net Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
192.168.168.2   13.13.13.13     1246        0x80000001 0x002197
192.168.192.1   13.13.13.13     1153        0x80000001 0x007CF4

                Summary Net Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
10.0.1.1        2.2.2.2         852         0x80000004 0x009645
10.0.1.2        2.2.2.2         852         0x80000004 0x000F8B
10.0.1.3        2.2.2.2         852         0x80000004 0x000594
10.0.10.10      2.2.2.2         852         0x80000004 0x006523
10.0.11.11      2.2.2.2         852         0x80000004 0x005036
192.168.0.0     2.2.2.2         864         0x80000004 0x00CFF5
192.168.0.12    2.2.2.2         864         0x80000004 0x00F183
192.168.0.16    2.2.2.2         864         0x80000004 0x00C9A7
192.168.0.20    2.2.2.2         864         0x80000004 0x00A1CB
192.168.3.0     2.2.2.2         864         0x80000004 0x00ADC6
192.168.13.13   2.2.2.2         864         0x80000004 0x00F1B1
192.168.33.33   2.2.2.2         864         0x80000004 0x0033FD
192.168.99.99   14.14.14.14     608         0x80000001 0x0015BE
192.168.100.100 2.2.2.2         864         0x80000004 0x00C72D

                Summary ASB Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
9.9.9.9         2.2.2.2         1261        0x80000001 0x00863F
9.9.9.9         14.14.14.14     593         0x80000001 0x00E59B

B. Configuring OSPF virtual links with authentication

Three types of authentication can be used with virtual links:
-null (no) authentication: default
-clear-text authentication: "area num virtual-link router-id authentication authentication-key key-value"
-MD5 authentication, which takes two commands: "area num virtual-link router-id authentication message-digest" and "area num virtual-link router-id message-digest-key key-num md5 key-value"

Keeping the same virtual link configuration as above, we can configure authentication:

R2(config)#router ospf 1
R2(config-router)#area 1 virtual-link 14.14.14.14 authentication message-digest
R2(config-router)#area 1 virtual-link 14.14.14.14 message-digest-key 1 md5 test2-14

R2#show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 14.14.14.14 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 1, via interface FastEthernet0/1, Cost of using 20
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:04
    Adjacency State FULL (Hello suppressed)
    Index 3/4, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec
  Message digest authentication enabled
    Youngest key id is 1

R14(config)#router ospf 1
R14(config-router)#area 1 virtual-link 2.2.2.2 authentication message-digest
R14(config-router)#area 1 virtual-link 2.2.2.2 message-digest-key 1 md5 test2-14

R14#show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 2.2.2.2 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 1, via interface FastEthernet0/0, Cost of using 20
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:00
    Adjacency State FULL (Hello suppressed)
    Index 1/2, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec
  Message digest authentication enabled
    Youngest key id is 1
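
An added example (not from the original post or from Cisco) that audits the authentication state of every virtual link in an OSPF configuration section like the ones above, flagging null or clear-text authentication, an incomplete MD5 pair, and a stub transit area. The sample text is constructed: area 1 mirrors R2's commands, areas 2 to 4 with their RIDs and key are hypothetical, and the parser assumes authentication is set on the virtual-link commands themselves, as on this page.

```python
import re
from collections import defaultdict

# Constructed sample: area 1 mirrors R2's commands from section B; areas 2-4,
# their RIDs and the key "s3cret" are hypothetical and not from the page.
SAMPLE_CONFIG = """\
router ospf 1
 area 1 virtual-link 14.14.14.14 authentication message-digest
 area 1 virtual-link 14.14.14.14 message-digest-key 1 md5 test2-14
 area 2 stub
 area 2 virtual-link 7.7.7.7 authentication authentication-key s3cret
 area 3 virtual-link 8.8.8.8
 area 4 virtual-link 9.9.9.9 authentication message-digest
"""

VLINK = re.compile(r"^\s*area\s+(\S+)\s+virtual-link\s+(\S+)(.*)$")
STUB = re.compile(r"^\s*area\s+(\S+)\s+stub\b")

def audit_virtual_links(config):
    """Return {(area, remote_rid): [findings]}; an empty list means MD5 is complete."""
    opts, stub_areas = defaultdict(set), set()
    for line in config.splitlines():
        if m := STUB.match(line):
            stub_areas.add(m.group(1))
        elif m := VLINK.match(line):
            area, rid, rest = m.groups()
            words, link = rest.split(), opts[(area, rid)]  # bare command still registers
            if "message-digest-key" in words:
                link.add("md5-key")
            if "authentication-key" in words:
                link.add("clear")
            if "authentication" in words:  # mode keyword: message-digest, null, or none
                nxt = words[words.index("authentication") + 1:][:1]
                link.add({"message-digest": "md5-mode", "null": "null"}.get("".join(nxt), "clear"))
    report = {}
    for (area, rid), seen in opts.items():
        checks = [
            (area in stub_areas, "transit area is a stub area"),
            ("clear" in seen, "clear-text authentication"),
            ("md5-mode" in seen and "md5-key" not in seen, "MD5 enabled but no message-digest-key"),
            ("md5-key" in seen and "md5-mode" not in seen, "message-digest-key set but MD5 not enabled"),
            (not seen - {"null"}, "no authentication (null)"),
        ]
        report[(area, rid)] = [msg for hit, msg in checks if hit]
    return report

if __name__ == "__main__":
    for link, findings in audit_virtual_links(SAMPLE_CONFIG).items():
        print(link, findings or "ok")
```

Run it against the `show run | s ospf` output of both ends of a link: the two routers must report the same state, since a mismatch keeps the neighborship from forming.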
