ICND2 200-105

ICND2 200-105

Establishing OSPF Neighbor Adjacencies. Hello Packet

Earlier, we mentioned the neighbor table and we stated, you have to form a neighbor adjacency before anything else can happen with Open Shortest Path First, or OSPF. How do you establish that neighbor adjacency? You exchange hello packets. And we do this using a specific multicast address. Do you remember what multicast address was used with Enhanced Interior Gateway Routing Protocol, or EIGRP? Let's put you on the spot right now. What multicast address was used with EIGRP to form neighbor adjacency? Well I know a few multicast addresses. We're talking the 224.0.0 range; 1 is all hosts, 2 is all routers, 9 is Routing Information Protocol version 2, or RIP v2, 10 is EIGRP. So 224.0.0.10 for EIGRP. For OSPF, 224.0.0.5. It's the multicast address used for our hello packets. So we exchange these hello packets and there are parameters in these hello packets:

  • Router ID
  • Hello/dead interval
  • Neighbors
  • Area ID
  • Authentication data
  • Router priority
  • DR IP address
  • BDR IP address

What's the router ID? It's a 32-bit number that is, normally, derived from an IP address on the chassis and it really names our router. I want you to think about what you've heard about these link-state routing protocols. They talk about being focused on first-hand information.

Well if you're talking about first-hand information, you need to know the source. The source is chosen or identified based on the router ID. And so that's a number that identifies a lot of the communication in OSPF. Does this router ID have to be unique or can I have two routers with the exact same router ID? I wouldn't want two routers in our autonomous system with the same router ID. They should be unique because while we're injecting information, we're identifying who injected it based on this router ID. And if we've got two or more routers that are doing it, it's going to be a big old mess for us. Think about that link-state advertisement, or LSA, we discussed earlier. That LSA will have information about who it came from. That will be the router ID. What if you receive an LSA from a router that has the same router ID as you? Then you think you sent it. What would you do with that? See the mess we could end up in here. It's not a good thing at all.

Hello and dead intervals. Intervals, those sound like timers to me. I want you folks to think to yourself that OSPF is the very elegant and overly conservative routing protocol. EIGRP is that thing that just focuses on getting the job done well. OSPF wants it to be done properly and to that end we have to match some values. Many values have to match and I want you to see that. This is really the most important thing on the page, is understanding that you may have to troubleshoot any one of these that has the asterisk by it. So that says, "Its got a match, its got a match", otherwise we break neighborship.

So far off even by a second on hello or dead interval, we will not form a neighborship. The hello interval is the frequency of these packets that are communicated to establish and maintain neighborship to 224.0.0.5. And in the absence of these, usually multiple of about three, we will see or believe that, that neighbor is dead. That neighbor is gone. And we will remove that neighborship and all of the associated routes that we have married to that neighbor. Then it lists of our neighbors or the neighbors of that router. The most important point about this neighbor's field is the fact that you want to see yourself in that neighbor's field. So when you receive a hello packet from a neighbor, if you see yourself in that neighbor field, that means that neighbor knows about you. They want to be your neighbor. And then as a result, you become full neighbors at that particular point in time. We'll see the process here shortly, of the packets that are exchanged between our routers and at what point we form our neighbor adjacencies. And we'll see that, that neighbor field is important for that establishment of bidirectional communication between our two neighbors.

And areas, areas, area ID. When we enable OSPF on an interface, we specify which area that interface belongs to. So when we send a hello packet of that interface, we are going to include which area we belong to for that particular interface. Now in the router, at the other end of that link that we're going to be forming that neighbor adjacency with, sees that. They're going to compare the area ID that arrived on that hello packet with the area ID that their interface is part of. Does that have to match? It absolutely does have to match and we're actually going to get some syslog messages telling us that we've got a problem on our hands. But the area ID does have to match. And understand, we've already learned about OSPF in earlier curriculum. So we're here to gain an understanding of what we get when we have multiple areas. But there are going to be some strategic places to marry those areas to get there because as we see here, we can't have some routers believing that a network is one area and other routers believing that, that same broadcast domain is a different area. It will break neighborship as quickly as anything.

Authentication. It's really important that we authenticate our neighbor adjacencies and anything that is involved with OSPF; because we do not want to form neighbor adjacencies with rogue routers. We do not want to receive bad information, bad routing information from other routers in the environment. We want to make sure that we're only peering and forming neighbor adjacencies with legitimate devices.

So we can set up authentication and the authentication information would have to match. And as you can see, it's being sent with that hello packet as well. So if I set up authentication and my neighbor does not have authentication set up properly, there is no way to form a neighbor adjacency, is there? There certainly isn't and this is in fact made to break neighborship when credentials do not match. Credentials are affected by a few inputs like the authentication type and then if you've chosen message digest version 5, or MD5, you have a key and a key string. Those all have to match and we do this on the link-by-link basis in the world of OSPF. So you can tune it on or turn it on, just on a particularly exposed link. You might not do it in the backbone of your environment where we've got a lot of physical protection, which limits the likelihood of having these rogue routers.

But I see three things that it looks like we haven't really talked about yet and these are all related to each other. Priority, designated router IP address, backup designated router IP address. What is this about? We utilize these three values in that hello packet when we are dealing with multi-access environments.

Well what's a multi-access environment? I want you folks thinking about what multi-access is. This is an important thing, okay. We are not wasting your time here. Multi-access. Give me one multi-access network type. I want you thinking, 'Oh, gees, I don't know or I know what it is. I'll give you one.' I'll give you one which is multi-access - token ring. That's not what you were looking for but that is an example of a multi-access network.

I was expecting you to say Ethernet. We're all pretty much familiar with Ethernet and it's the fact of standard for our LAN implementations today. I'll give you a hint, network types are generally point-to-point or multi-access. Point-to-point or multi-access. Serial links running High-level Data Link Control, or HDLC, or Point-to-Point Protocol, or PPP, are not multi-access because they are point-to-point in nature. If you have a link that everything about it at Layer 2 screams that it can only have two sides, two IP addresses, well, that means it's not multi-access. And this is all, three, about working out the functionality of multi-access priority, designated IP, designated router, backup designated router; that's a multi-access operation. So, again what does this mean to us?

BR and BDR in Multi-access Networks

Well in these multi-access environments we have to elect someone as the overseer of the exchanges of LSAs, formation and neighborships. And why, why do we want to do this? Well let's just look at this small multi-access environment we have here.

OSPF Neighbors example

Five routers, connected up. Now they're showing a bus topology. But in reality, what would we have? We'd have a switch; they'd all be connected to switches. How many neighborships would have to be formed here? If every router were to neighbor with every other router, that would be five times two, which would be 10, it's a lot.

When we had topology changes or updates, how much traffic would be generated by OSPF and all these devices just to communicate these topology changes? There could be quite a bit of communication going on and the OSPF designers were really afraid of this. You remember when I said that there were 10 neighborships? There's a formula to derive that, not like you need to know. But it grows geometrically based on the number of routers that we have. Formula is N times N-1 divided by 2. And if the number of N, which equals the number of routers on a common segment, is more like 20, then you would have 200 neighborships. That's not good. Actually, it's a little less than 200. It would be like 190. But anyways, it's certainly bad enough that we would have some challenges like small little updates could clog this network up with just a fury of activity. We don't want that. So the OSPF designers said let's have some central points of communication. Think about your family. There is the central points of contact in your family where everybody is like, if I wanted to share news I'm going to call up my aunt Susan and let her know; she's going to disseminate the information for me. That's what the designated router concept is all about. But how does it really work for us?

Well first and foremost, we have to elect that designated router; and that's what that router priority comes into play that we saw in the hello packet. The router with the highest router priority becomes the designated router during the election process. The router with the second highest router priority becomes the backup designated router. Why do we have a backup? In case the designated router goes away. All right, it's gone. Somebody's got to take over. Now everybody else, who do they become? They're known as druthers, druthers or designated router, or DR, others. You can say it like that as well. But, you know, they're neither the designated router or the backup designated router. Now who do we form our neighbor adjacencies with now? One of the great things about this discussion is, you're going to get a lot of great details. And I'm going to spill the beans on something you're going to see pretty soon, okay. But it's beautiful to talk about it here.

Now we're going to form what is called a full adjacency. That's, that's a proper adjacency. That means we're going to get everything from them. DR others are going to form a full adjacency to both the DR and the backup designated router, or BDR, okay? Full adjacency to both of these. And the DRs, whether they be BDR or DR, they're going to form an adjacency with each other. But here's the deal. The DR others, the DRuthers, that Raymond just mentioned, won't get to that full adjacency place. They won't get to that happy place called full. And instead they will stay in a state called, Two-way, Two-way. So I've said something, I've given you two states of neighborship and we're going to see these states in a series of events that happen when neighborships are formed. You're going to see them pretty soon, okay. So full means we're good. Two-way, we're not there yet and, in fact, in the case of two DR others, they're going to stay in this Two-way state, which means we're not getting information from those routers. I also want you to see the IP address that we're communicating with here. We said that OSPF is going to use to 224.0.0.5 for the hello packet. And, in fact, on point-to-point links that's also the IP address that we use pretty much for everything. But on multi-access networks, we do have a communication that goes to .6, 224.0.0.6, specifically, is for when we want to communicate with those BDRs and DRs.

When we want to share some information, when we've got convergence information, we want to pump it into this multi-access environment. We shouted out to .6 and both of the designated routers are going to pick it up including the backup. So we're communicating with two routers simultaneously, when we have this information to share. That's the point of this multicast communication. 224.0.0, that's class D. That's multicast over Internet Protocol version 4, or IPv4, and .6 communicates with both of those routers. These are IP addresses that we want you to know. If you are planning on working out your CCNA and you want to have some numbers memorized.

OSPF Packet Types

OSPF works with five different packet types. We've already discussed one of them, the hello packet. What does the hello packet do? Forms neighbor adjacencies. But there are other packet types that are really important because they are going to be the ones involved in the exchange of those LSAs. The information we need to populate the topology table, so we can ultimately populate our routing table.

(1) Hello Discovers neighbors and builds adjacencies between them
(2) Database Description Checks for database synchronization between routers
(3) Link-State Request Requests specific link-state records from another router
(4) Link-State Update Sends specifically requested link-state records
(5) Link-State Acknowledgement Acknowledges the other packet types

I see right after the hello packet here database description packet. We usually call it the database descriptor and it sounds more technical database descriptor. But anyways, this is something that you learned about this in high school on your book reports. This is the scaled down version of it. You're not going to get the same experience of having the full information. But what it, in fact, does is, it lists of all of the LSAs, the link-state advertisements, and the sequence numbers.

So what you have to do is, routers, when you see these DBDs you see, oh, there are all the sequence numbers. Then I'm going to say, what do I have myself? Am I missing some of those sequence numbers; or maybe there is newer information that I can recognize. It's newer because it's a higher sequence number. Then I play the game of hungry, hungry hippos. Now you may not know what that game is. But I want you think we got to keep on asking for updated information. And how do we ask for newer information and we see it, we recognized it with the DBD? Well in order to collect more of those marbles while I'm playing hungry, hungry hippos, I need to do a link-state request in this particular case, a request. What am I requesting? I'm requesting more information based on that database description, right. We've gone through that. We've looked down through, oh, I need that. I send my link-state request to the specific router that would have that information that I am looking for. And then what does that other router do? Hopefully, they respond back to my request and this is known as a link-state update. That LSU is important because I want you to think that this has the routing information. This is the one that has routing information. Everything else is just background mechanisms. And what is routing information? That has a different acronym it's called LSA. So link-state update is just a packet that contains information stored as LSAs, link-state advertisements. And we're going to learn a lot about these link-state advertisements.

Just a forewarning, there are five key LSA types that you could find in this LSU packet. And so, this is the response to our request. But it would also be something that we would do if there's a change. Think about the name of this routing protocol type? It's link-state, it's a link-state routing protocol. Our link which means interface on the local router goes down, we're going to send an link-state update or LSU to our neighboring routers, maybe, to the BDRs, and the DRs, saying, 'Hey, something has changed inside of our area I want you to know about it. I'm going to communicate that with this LSU.'

Then it looks like we've got some acknowledging to do. Again, I would argue that this is the political or this is the politeness factor of the routing protocol. That's right, I've received that packet, thank you. It helps us make sure there we're reliable. Because we want reliable communication tune our routers with OSPF. If we have sequence numbers associated with all this information that we're exchanging and we're acknowledging all this information that we're exchanging, we can be a pretty reliable protocol in this particular case, without having to rely on other protocols such as TCP to do that for us.