OSPF is really a fantastic routing
protocol. It’s a link state protocol so it maintains that full database of the
network links and when properly tuned can have some pretty excellent failover
or convergence times. Now, it doesn’t come close to EIGRP’s feasible successor
failover time, and honestly OSPF requires far more understanding of the
protocol and prior planning to maintain a design that’s scalable. However,
EIGRP’s primary downfall is that it’s not an industry standard. Because of
that, OSPF is the most popular interior gateway protocol in the world, and for
In order to design a scalable OSPF domain, or expand an existing domain, there are some considerations you’ll need to take into account, along with having a solid understanding of how OSPF works. I don’t mean you need to learn the SPF algorithm, but you’ll need to know how OSPF floods change notifications into the network so that you can use the mechanisms available to properly control those notifications and not overwhelm your routers. In this video we’ll be covering the design principles for OSPF, Cisco’s recommendations for some limits to stay within to maintain a stable environment, and some of the basics of OSPF’s operation. What we won’t do is go into configuration at all or any of the nitty-gritty bits about what’s needed to just get it to work. If you’ve never configured OSPF or it’s been a long time since you’ve touched it, I recommend reviewing it and labbing it up a couple of times so you feel familiar with its operation, which I think will certainly help this information stick better. So let’s jump right in.
Right off the bat, let’s get this out of
the way. OSPF was designed to be used in a hierarchical, mostly hub and spoke
network. You’ll come to understand this more if you consider the area 0
requirement, that all areas must connect to area 0, and the fact that ABRs are
the only places where network summarization can occur. Now EIGRP, Cisco’s
proprietary interior gateway protocol, was designed for a plug and play style
of network. Meaning it was designed to scale and handle routing when there’s either
no network architect or a not very good one who didn’t do any planning and
doesn’t have anything resembling a hierarchical network. But it’s lightning
fast and has more features, like being able to advertise summaries from any
location and being able to do unequal-cost load balancing. I don’t mean to put
down OSPF, really. It’s a great protocol and performs very well when the timers
are tuned and will certainly serve you well. Just be aware that in order to
have it humming along and staying as stable as possible, you’ll need to make
sure you understand how OSPF works and take into account some design
considerations that we’ll be covering in the next few slides here.
I also wanted to mention, as you may recall, that what routing protocols use to create neighbor relationships, or to communicate at all, is multicast. Now this doesn’t play well over NBMA (that’s non-broadcast multiaccess) networks, but you can make it work by specifying the neighbor command in the config. This is a bit special as RIP doesn’t support static neighbors.
So I mentioned tuning OSPF’s timers at
least once. I know someone can tell you you’ll get better performance, but I’m
always more of a data type person and like to know just how much performance
boost I’ll get. Is it really worth it to me to take the time and effort to do
the research to find the timer values that are recommended for my network? I
actually got this graph here from the CCDP ARCH Cisco Press book, and it shows
the tuned and default convergence time of OSPF, EIGRP, and IS-IS. Now I know the
symbols on the graph are basically impossible to decode unless you zoom way in,
so you’ll just have to take my word on it here if you can’t see. The line wayyy at
the bottom here is EIGRP when it has a feasible successor; recall that means it
has a pre-computed backup route. Sneaking in right above it are OSPF and IS-IS
with tuned timers. IS-IS is slowly making a comeback due to how versatile it
is, but you generally won’t see it anywhere just yet except in specific
The linear diagonal line is EIGRP when
there is not a feasible successor. This is because EIGRP must send query
messages out to all of its neighbors, which then send queries to all their
neighbors, so on and so forth, and they must wait until they hear back from all
of them. Now, it’s pretty quick at doing this: about half a second for a
routing table with 1000 routes in it. However, since it increases linearly, once
we get to 10000 routes we’re at over a 5 second convergence time. Up at the top
here you see just why it’s so important to tune your timers: defaults for OSPF
and IS-IS sit well above a 5000 ms convergence time even when we only have 1000
routes in the routing table.
So, do your research, tune your timers for what’s appropriate for your network and router hardware.
What I’ve compiled here are some
recommendations from Cisco regarding the design of your OSPF routing domain.
Mind, these are not absolute law and OSPF will still function outside of these,
but from Cisco’s audits of their customers’ networks, these are the
recommendations they’ve made for what will make a scalable, stable network.
First, keep your neighbors per router
below 60. This is mostly a stat that will affect the DR/BDR. However you can
imagine that the more neighboring routers you have, the more updates you’re
likely to get, and the more hello messages you need to process. Each time an
update is received, the link state database algorithm, the SPF algorithm, needs
to be run again. This is why flapping routes can bring routers to their knees:
they need to rerun the SPF algorithm every time that route flaps and
triggers an LSA flood.
Very similarly, you’ll want to keep your
number of routers in a given area under 50. Now I’ve seen hundreds of routers
in an area before, so this is not absolute law, but will help to keep the
For any given ABR, keep the number of
areas it’s an ABR for to 3 or less. This is for a very similar reason. If you
do summarization at your ABRs, as you should, that ABR advertises the
summary out to the other areas but still needs to maintain the entire link
state database for each area it’s part of, so you’re placing a much larger
workload on that one router and possibly overwhelming it if you make it part of
too many areas.
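The three limits above, checked against an adjacency inventory, as an added example that is not part of the original walkthrough. The (router, router, area) tuple format, the router names and the sample data are constructed for illustration, and counting area 0 toward an ABR's area total is an assumption.

```python
from collections import defaultdict

# Thresholds quoted in the text (recommendations, not hard limits).
MAX_NEIGHBORS = 60         # keep neighbors per router below 60
MAX_ROUTERS_PER_AREA = 50  # keep routers per area under 50
MAX_AREAS_PER_ABR = 3      # an ABR should serve 3 areas or fewer


def audit(adjacencies):
    """adjacencies: iterable of (router_a, router_b, area) tuples, one per
    OSPF adjacency (hypothetical inventory format). Returns sorted findings."""
    neighbors = defaultdict(set)     # router -> neighbor routers
    area_members = defaultdict(set)  # area -> routers with a link in it
    router_areas = defaultdict(set)  # router -> areas it has links in
    for a, b, area in adjacencies:
        neighbors[a].add(b)
        neighbors[b].add(a)
        area_members[area].update((a, b))
        router_areas[a].add(area)
        router_areas[b].add(area)

    findings = []
    for r, n in neighbors.items():
        if len(n) >= MAX_NEIGHBORS:
            findings.append(f"{r}: {len(n)} neighbors (keep below {MAX_NEIGHBORS})")
    for area, members in area_members.items():
        if len(members) >= MAX_ROUTERS_PER_AREA:
            findings.append(
                f"area {area}: {len(members)} routers (keep under {MAX_ROUTERS_PER_AREA})")
    for r, areas in router_areas.items():
        # Assumption: area 0 counts toward the ABR's total.
        if len(areas) > MAX_AREAS_PER_ABR:
            findings.append(
                f"{r}: ABR for {len(areas)} areas (keep to {MAX_AREAS_PER_ABR} or fewer)")
    return sorted(findings)


def sample_adjacencies():
    """Constructed sample: one oversized hub-and-spoke area, one busy ABR."""
    adj = [("hub1", f"spoke{i}", 1) for i in range(60)]
    adj += [("abr1", "core1", 0), ("abr1", "r10", 10),
            ("abr1", "r20", 20), ("abr1", "r30", 30)]
    return adj


if __name__ == "__main__":
    for line in audit(sample_adjacencies()):
        print(line)
```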
From what I mentioned briefly before, it may have
come out that you’ll want to make your beefiest and most powerful router on the
segment the DR, as it’ll be handling the most update notifications.
Finally, as a design note to allow for future growth, try to use contiguous, splittable addressing. This will make it so that when the time comes that your west coast operation takes off and starts growing at a rate nobody expected, you can split it up into multiple areas, with the sales offices each in their own area, and maintain a stable OSPF environment.
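What contiguous, splittable addressing buys you, as an added example that is not from the original walkthrough: a contiguous block collapses to one ABR summary, and it can later be cut into child areas without renumbering. The 10.8.0.0/14 "west coast" block, the site subnets and the function names are constructed for illustration.

```python
import ipaddress


def abr_summaries(subnets):
    """Fewest prefixes an ABR must advertise to cover exactly these subnets.
    Contiguous allocations collapse to one summary; scattered ones do not."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def plan_split(area_block, site_subnets, parts):
    """Split area_block into `parts` equal child areas and place each existing
    subnet in the child block that contains it. Returns {child: [subnets]}.
    Raises ValueError if a subnet would have to be renumbered first."""
    net = ipaddress.ip_network(area_block)
    if parts < 2 or parts & (parts - 1):
        raise ValueError("parts must be a power of two >= 2")
    children = list(net.subnets(prefixlen_diff=parts.bit_length() - 1))
    plan = {str(c): [] for c in children}
    for s in site_subnets:
        sub = ipaddress.ip_network(s)
        home = [c for c in children if sub.subnet_of(c)]
        if not home:
            raise ValueError(f"{s} does not fit inside one child of {area_block}")
        plan[str(home[0])].append(s)
    return plan


if __name__ == "__main__":
    # Constructed addressing plans.
    contiguous = ["10.8.0.0/24", "10.8.1.0/24", "10.8.2.0/24", "10.8.3.0/24"]
    scattered = ["10.8.0.0/24", "10.20.5.0/24", "172.16.9.0/24"]
    print(abr_summaries(contiguous))  # one summary route
    print(abr_summaries(scattered))   # one route per subnet
    sites = ["10.8.1.0/24", "10.9.4.0/24", "10.11.0.0/24"]
    for child, members in plan_split("10.8.0.0/14", sites, 4).items():
        print(child, members)
```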