Category: OSPFv3

OSPFv3: Graceful Shutdown

Graceful Shutdown in OSPFv3 accomplishes the same goal as in OSPFv2, but a slightly different sequence of steps is processed when the shutdown command is entered:

  • The interface begins sending Hello packets with the router priority set to 0, dropping the DR/BDR role where applicable
  • The interface stops accepting Hello packets
  • OSPF flushes all LSAs it originated except its Type 1 LSA
  • It floods its Type 1 LSA with all links in that LSA set to the max cost of 65535
  • After the dead interval expires and all neighbors are dead, it flushes its own Type 1 LSA
  • It then stops sending and processing OSPFv3 packets

Instead of shutting down immediately as OSPFv2 does, OSPFv3 lets the dead timer run until all neighbors are declared down.

OSPFv3: Prefix Suppression

OSPFv3 prefix suppression works almost exactly like OSPFv2 prefix suppression, but instead of omitting the transit link prefixes from Type 1 and 2 LSAs, it omits them from Type 8 and 9 LSAs, which is where the network addressing moved to in OSPFv3.

Prefix suppression can be configured per interface, or globally, and can also be configured for all address families or specific address families as needed.

OSPFv3: Address Family Support

RFC 5838 describes new support in OSPFv3 for address families, moving it toward being a multiprotocol IGP. Because addressing information was moved away from Type 1 and Type 2 LSAs to Type 8 and 9 LSAs in OSPFv3, the LSA format is flexible enough to carry different address formats. OSPFv3 was also augmented with an instance ID that allows multiple OSPFv3 processes to communicate over the same link while remaining separate.

RFC 5838 split the instances to assign specific address families:

[Table image: ospfaddressfamily.PNG, instance assignments per address family]

The Options bitfield in OSPFv3 Hellos, DD packets, and LSAs has a new AF-bit defined. This bit is set if the sending router supports the address family extension and the specific instance is not an IPv6 unicast instance according to the table. In other words, OSPFv3 routers keep this bit cleared for IPv6 unicast address family instances and set it for all other instance IDs.

If a router receives an OSPFv3 packet from a neighbor without the AF-bit set, OSPFv3 will treat that neighbor as a separate plain unicast instance, drop any subsequent OSPF packets from it, and never form an adjacency.

Only OSPFv3 routers that support the same instance and AF features will ever form an adjacency.
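The instance and AF-bit checks described above can be sketched as a small Hello parser. This is an added example, not code from the original post: the function names are hypothetical, the instance ID ranges and the AF-bit position (0x000100 in the 24-bit Options field) are taken from RFC 5838 rather than from this page, and the sample Hello is constructed.

```python
import struct

AF_BIT = 0x000100  # AF-bit position in the 24-bit Options field (RFC 5838)

# Instance ID ranges per address family, as assigned by RFC 5838.
AF_RANGES = [
    (0, 31, "ipv6-unicast"),
    (32, 63, "ipv6-multicast"),
    (64, 95, "ipv4-unicast"),
    (96, 127, "ipv4-multicast"),
]

def address_family(instance_id):
    for low, high, name in AF_RANGES:
        if low <= instance_id <= high:
            return name
    return "unassigned"  # 128-255

def parse_hello(packet):
    """Return (instance_id, options) from a raw OSPFv3 Hello packet."""
    if len(packet) < 24:
        raise ValueError("too short to hold the Hello Options field")
    version, ptype, _length, _rid, _area, _cksum, instance_id, _rsvd = \
        struct.unpack("!BBHIIHBB", packet[:16])
    if version != 3 or ptype != 1:
        raise ValueError("not an OSPFv3 Hello")
    # Hello body: Interface ID (4 bytes), Rtr Priority (1), Options (3), ...
    options = int.from_bytes(packet[21:24], "big")
    return instance_id, options

def accept_hello(local_instance_id, packet):
    """Apply the instance ID and AF-bit checks; return (accepted, reason)."""
    instance_id, options = parse_hello(packet)
    if instance_id != local_instance_id:
        return False, "instance ID mismatch"
    af = address_family(local_instance_id)
    if af != "ipv6-unicast" and not options & AF_BIT:
        return False, f"AF-bit clear on {af} instance"
    return True, "ok"

def build_hello(instance_id, options):
    """Constructed sample Hello: no neighbors listed, checksum left at 0."""
    header = struct.pack("!BBHIIHBB", 3, 1, 36, 0x01010101, 0, 0, instance_id, 0)
    body = struct.pack("!IB", 5, 1) + options.to_bytes(3, "big")
    body += struct.pack("!HHII", 10, 40, 0, 0)
    return header + body
```
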

OSPFv3: Authentication and Encryption

OSPFv3 may be simpler than OSPFv2 with respect to how authentication is handled. OSPFv3 itself does not have any authentication functionality built in; instead it uses the native AH and ESP functionality built into IPv6.

To enable this under the interface, configure ipv6 ospf authentication to enable AH or ipv6 ospf encryption to enable ESP. The two are mutually exclusive, so an interface can have only AH or ESP, not both. Usually you'd want to choose ESP because it has built-in authentication as well.

Using encryption or authentication requires you to define a cryptographic algorithm and supply the keys used for hashing and encryption. Together, these parameters form a security association that defines how packets should be protected by IPsec. Usually ISAKMP/IKE is used to negotiate security associations; with OSPFv3, all these parameters must be specified manually and must match on all routers that mutually authenticate or encrypt OSPFv3 packets.
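Because the security association is keyed by hand, a mismatch or an unprotected interface is easy to miss. The following audit is an added example, not code from the original post: it assumes IOS-style interface-level commands as named above (area-level settings are ignored), the function names are hypothetical, and the router configs and keys are constructed placeholders.

```python
import re

KEY_A = "A" * 32  # constructed placeholder AES-128 key (hex)
KEY_B = "B" * 40  # constructed placeholder SHA-1 key (hex)

# Constructed sample configs: R1 and R2 share a link on Gi0/0.
R1 = f"""interface Gi0/0
 ipv6 ospf 1 area 0
 ipv6 ospf encryption ipsec spi 1000 esp aes-cbc 128 {KEY_A} sha1 {KEY_B}
interface Gi0/1
 ipv6 ospf 1 area 0
"""
R2 = f"""interface Gi0/0
 ipv6 ospf 1 area 0
 ipv6 ospf encryption ipsec spi 1001 esp aes-cbc 128 {KEY_A} sha1 {KEY_B}
"""

def ospfv3_interfaces(config):
    """Map each OSPFv3-enabled interface to its AH/ESP line, or None."""
    result, name, enabled, protection = {}, None, False, None
    for line in config.splitlines() + ["interface END"]:  # sentinel flushes last
        line = line.strip()
        if line.startswith("interface "):
            if name and enabled:
                result[name] = protection
            name, enabled, protection = line.split()[1], False, None
        elif re.match(r"ipv6 ospf \d+ area \S+", line):
            enabled = True
        elif re.match(r"ipv6 ospf (authentication|encryption) ipsec ", line):
            protection = line
    return result

def audit_link(members):
    """members: (hostname, config text, interface) for each router on a link."""
    findings, protected = [], {}
    for host, config, interface in members:
        ifaces = ospfv3_interfaces(config)
        if interface not in ifaces:
            continue  # OSPFv3 is not enabled on this interface
        if ifaces[interface] is None:
            findings.append(f"{host} {interface}: OSPFv3 without AH or ESP")
        else:
            protected[host] = ifaces[interface]
    # SPI, algorithms and keys all sit on the one line, so compare it whole.
    if len(set(protected.values())) > 1:
        hosts = ", ".join(sorted(protected))
        findings.append(f"SA parameters differ between {hosts}")
    return findings
```

The findings name only hosts and interfaces, so key material never appears in the audit output.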

OSPFv3: OSPFv3 on NBMAs

OSPFv3 behaves very similarly to OSPFv2 across NBMA networks. The OSPF network type defaults to nonbroadcast on interfaces or multipoint interfaces, which requires OSPF to be configured with a static unicast neighbor, identified by its link-local address, to create a neighborship.

It still takes a minute or two for a neighborship to form across Frame Relay, but the key is to always remember to include the ipv6 ospf neighbor command with the neighbor's link-local address to form an adjacency.

OSPFv3: LSAs

OSPFv3 uses many of the same LSAs as OSPFv2 except for using two additional LSAs whose functions are noted below:

Type 1 Router LSA – Describes a router and its links to its neighboring objects within a single area

Type 2 Network LSA – Generated by the DR to represent the multiaccess transit network and its connection to member routers

Type 3 Inter-Area Prefix LSA – Originated by ABRs to describe inter-area networks in other areas

Type 4 Inter-Area Router LSA – Originated by ABRs to advertise the existence of ASBRs in other areas

Type 5 Autonomous System External LSA – Originated by an ASBR in a Regular area to describe networks learned from other protocols

Type 7 NSSA LSA – Originated by ASBR in an NSSA to describe networks learned from other protocols

Type 8 Link LSA – Advertises the link-local address and prefixes of a router, as well as option information, to all other routers on the link. This is sent if more than one router is present on a link

Type 9 Intra-Area-Prefix LSA – Performs one of two functions:

  • Associates a list of IPv6 prefixes with a transit network by pointing to a Network LSA
  • Associates a list of IPv6 prefixes with a router by pointing to a Router LSA

 

OSPFv3: Differences between OSPFv2 and OSPFv3

OSPFv2 and OSPFv3 share many concepts; however, here are the major differences between the two protocols:

  • OSPFv3 is configured using interface commands. To enable an interface for a particular area and begin sending/receiving OSPF packets, all you configure is ipv6 ospf 1 area 2 under the interface; that turns on the protocol and advertises the network on that port. This also creates the ipv6 router ospf 1 process in global configuration mode.
  • OSPFv3 can advertise multiple networks on an interface. If multiple secondary addresses are configured on the same interface, all those networks are advertised as well.
  • OSPFv3 RID must be set. It will not dynamically learn or assign a RID if there are no IPv4 addresses; if some are present, it can still dynamically assign one based on the IPv4 address.
  • OSPFv3 has 3 flooding scopes:
    • Link local scope – used by the new LSA type, the Link LSA
    • Area scope – this is for LSAs flooded throughout a single OSPFv3 area. Used by the router, network, inter-area prefix, intra-area prefix, and inter-area router LSA types
    • AS scope – LSAs are flooded throughout the routing domain; this is used for AS external LSAs
  • Multiple instances per link – OSPFv3 supports multiple instances on a single interface. Where multiple routers are connected to the same multiaccess segment and you want only specific routers to form neighborships rather than all of them, you can do this by instancing the OSPF configuration under the interface.
  • Terminology – OSPFv3 uses the term link for what OSPFv2 calls a network
  • Link-local addresses are used on the interface to source all OSPF packets, with the exception of virtual links; virtual links use a globally scoped IPv6 address to source packets
  • Authentication – OSPFv3 does not support any method of authentication of its own, as AH and ESP are built into IPv6 natively
  • Networks in LSAs – OSPFv2 expresses prefixes as address/mask in its LSAs; OSPFv3 expresses prefixes as prefix/prefix length, where the default route's prefix length is 0.