Link State Routing
In particular OSPF

Karst Koymans
Informatics Institute
University of Amsterdam
(version 17.4, 2017/11/30 12:33:57)
Tuesday, November 28, 2017

- Link State Protocols
  - Basic ideas
  - Problems and pitfalls
- OSPF
  - Rationale
  - Parameters
  - Databases
  - Network representation and architecture
- OSPF packet details
  - OSPF packet header
  - The different types of OSPF packets
  - Link State Advertisement packets
- OSPF for IPv6

Link State Protocol

- A Link State Protocol
  - Builds on complete information about the network topology
  - Uses Dijkstra's Single Source Shortest Path Tree algorithm
  - Replaces a distance vector protocol in the case of more complex topologies
  - Has a faster convergence time than distance vector protocols

Link State Packets

- Link State Packets (LSPs) represent the state of a router and its links to the rest of the network
- This representation would suffice for point to point links
- Broadcast networks (LANs) and NBMA networks are represented by virtual nodes inside the topology
  - Designated routers (DRs) speak on their behalf
  - Backed up by Backup Designated routers (BDRs)

Non-broadcast networks

- NBMA: Non-Broadcast Multiple Access
  - Full mesh of connectivity, but not all at once in one packet
  - Topological connectivity via elected (B)DR
- Point-to-Multipoint
  - A subset of the collection of all point-to-point links
  - No full mesh of connectivity
  - Considered as multiple instances of point-to-point links
  - Hence no (B)DR is elected

Learn to know your neighbours

- Easy on point to point links
  - Just send out greetings (hello packets)
  - Both ends will become adjacent
- A little more advanced on broadcast networks
  - Send out hello packets using multicast
  - Not all neighbours will become adjacent
  - Only those that are neighbours in the virtual topology
  - One of the adjacent routers is always a (B)DR

LSP generation

- Periodic announcements with a long period
  - Uses the LSRefreshTime parameter, which is 30 minutes
  - Very much different from RIP, which uses 30 seconds
- Triggered updates are sent as soon as there are changes
  - Detection of a new neighbour (link or node coming up)
  - Detection of a link or node failure
  - Change of link cost

LSP distribution

- LSPs are distributed throughout the network
- Distribution can't use the routing database for distant nodes
  - Why? What is the difference with RIP here?
- Ordinary flooding is problematic, why?
  - It would need a TTL to prevent loops
  - Even then it may cause exponential multiplication of packets
- Smart flooding recognizes identical LSPs
  - Causing propagation to be tree-like

Most recent LSP problem

- LSPs may arrive out of order
- Therefore we need a mechanism to recognize older packets
- What mechanisms are available for this recognition?
- What about using timestamps?
  - Timestamps cause trouble if clocks are not synchronised or out of order!
- What about using sequence numbers?

Pitfalls

- Sequence numbers need an ageing procedure to protect from stale information
  - for instance when a router reboots and starts from scratch
- Sequence numbers may wrap
- Sequence number ordering is not a total ordering, not even a partial ordering
  - a < b < c < d < e < f < g < h < a

Intermezzo (1)

- The devilish dice game
- Suppose I present to you three dice
  - With digits between 1 and 6, inclusive, on their sides
  - Not necessarily all distinct, so possibly with duplicates
  - For example: A=111223, B=123456, C=444444
- You may pick first a dice from the set {A, B, C}
- I pick one of the remaining two dice
- Then we throw the dice and higher number wins
  - with payout 1/0/-1 for win/draw/loss
- Are you willing to play this game?
  - With an arbitrary set of (known) dice?

Intermezzo (2)

- There are three dice, A, B and C such that
  - A is better than B
  - B is better than C
  - C is better than A
- A: 114444, B: 333333, C: 222255
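
The cyclic ordering a < b < c < a of wrapping sequence numbers can be made concrete. The sketch below is an added example, not part of the original slides: the 6-bit sequence space, the three values, the ring of routers and the function names are all constructed for illustration. It shows that the "most recent" LSP depends on arrival order, that copies of the three LSPs replace each other indefinitely, and that increasing an age on every hop puts a bound on this.

```python
SPACE = 64  # constructed 6-bit sequence number space, small enough to see the wrap

def newer(a, b, space=SPACE):
    """Circular comparison: a is newer than b if it is ahead by less than half the space."""
    return 0 < (a - b) % space < space // 2

def most_recent(arrivals):
    """What a single router ends up storing when LSPs arrive in the given order."""
    kept = arrivals[0]
    for seq in arrivals[1:]:
        if newer(seq, kept):
            kept = seq
    return kept

def flood(initial, steps, max_age=None):
    """Ring of routers, each holding one copy of the same origin's LSP.

    Every step each router passes its copy to one neighbour, which keeps
    whichever copy it considers newer. Returns the number of database
    replacements made in the last step (0 means the network is quiet).
    """
    db = [(seq, 0) for seq in initial]            # (sequence number, age) per router
    replaced = 0
    for _ in range(steps):
        replaced = 0
        nxt = list(db)
        for i, (seq, age) in enumerate(db):
            age += 1                              # age grows by at least one per hop
            if max_age is not None and age >= max_age:
                continue                          # too old: not passed on any further
            j = (i - 1) % len(db)
            if newer(seq, db[j][0]):
                nxt[j] = (seq, age)
                replaced += 1
        db = nxt
    return replaced

if __name__ == "__main__":
    a, b, c = 0, 21, 42                           # constructed values with a < b < c < a
    print(newer(b, a), newer(c, b), newer(a, c))  # all three comparisons hold
    print(most_recent([a, b, c]), most_recent([b, c, a]), most_recent([c, a, b]))
    print(flood([a, b, c], 100), flood([a, b, c], 100, max_age=8))
```
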

ARPANET lockup (real historic event [1])

- On ARPANET an early version of a link state protocol was used.
- Suppose we have sequence numbers a, b, c with a < b < c < a.
- Why didn't ageing do its job?

[1] According to Radia Perlman in the Interconnections book

Lockup solution

- Use an age (or ttl) field which will be increased (or decreased) periodically
  - and always increase the age (decrease the ttl) by at least one when passing the LSP on
  - Forgetting this was the main problem in the total ARPANET lockup
- Use a very large sequence number space and wait for timeouts after overflow
  - while reflooding LSPs with maximum age
  - Causing those to time out prematurely

OSPF advantages (1)

- OSPF
  - Introduces hierarchical routing
  - Supports subnets
  - Uses efficient multicast for flooding
  - Supports point-to-point, broadcast, NBMA and point-to-multipoint networks
  - Uses metrics built on cost, per interface

OSPF advantages (2)

- OSPF
  - Supports virtual links for backbone connectivity
  - Supports load balancing
  - Supports unnumbered interfaces/networks
  - Has built in authentication

OSPF fun :)

- IETF T-shirt
  - IS - IS = 0
  - The old time IETF versus ISO controversy
- But OSPF in fact really builds on
  - BBN's research on SPF
  - Early versions of OSI's IS-IS

Some OSPF facts

- OSPF builds directly upon IP (not on UDP)
  - OSPF uses protocol type 89
- Current OSPF version is 2
  - RFC 2328 (Moy, 1998)
  - RFC 2740 (OSPF for IPv6, 1999) version 3
  - Obsoleted by RFC 5340 (2008)
- OSPF uses LSA (Link State Advertisement) terminology instead of LSP (Link State Packet)

Timers and Overflow

- These must be the same for all OSPF neighbours
  - Otherwise the neighbours won't talk at all
  - HelloInterval (default 10 sec)
  - RouterDeadInterval (default 40 sec)
- In the case of a database overflow external routing information is dropped first

Consistent LSA Databases

- LSAs must be acknowledged
- LSAs (and their acks) are queued/flagged for transmission
- LSAs must time out at about the same time
  - by using triggered (re)distribution of age MaxAge [2] packets for LSAs with an existing sequence number
  - which must be honored only if there is already an LSA for this node in the local database

[2] MaxAge is 1 hour (60 minutes)

(Backup) Designated Router

- On LANs every router becomes adjacent to the Designated Routers
- A Designated Router (DR) and a Backup Designated Router (BDR) is elected on every multi-access network using Hello packets
- The (B)DR represents the network as a virtual node in the graph and acts on the network's behalf
- The DR/BDR election process is sticky
  - This is one of the main differences with IS-IS
- The priority of routers can be configured

Multicast usage

- Multicast [3] to AllDRouters (224.0.0.6)
- Multicast [3] to AllSPFRouters (224.0.0.5)
- There is also a unicast Ack from the DR back to R

[3] OSPFv3 for IPv6 uses FF02::6 and FF02::5

Hierarchical routing

- Area 0 is the backbone area
- Limbs (non-backbone) are all other areas, not equal to 0

Virtual Links

- Area 5 is not physically connected to the backbone
- A virtual link extends the backbone to the new ABR and behaves as an unnumbered point to point link

Inter Area Summary (IAS)

- IASs are injected by ABRs
- IASs make use of a hub and spoke topology
  - Summary information is spread RIP-like
  - There are no loops or slow convergence
- Virtual links maintain the hub and spoke topology
  - These virtual spokes are in fact paths through their transit area, treated as unnumbered links in the backbone

Router roles

- Backbone router
  - Has at least one interface inside area 0
- Internal router
  - All interfaces are completely within a single area (backbone or otherwise)
- Area Border Router (ABR)
  - Has an interface inside area 0 and one or more other areas
- Autonomous System Boundary Router (ASBR)
  - Participates in another (external) routing protocol

Area Border Router (ABR)

- Attaches to multiple areas
- Runs multiple copies of the basic algorithm
  - One copy for each area
- Summarizes area data (destination networks) towards the backbone
- Receives summarized data from the backbone about other areas, including the backbone itself
- Can aggregate summary data

Autonomous System Boundary Router (ASBR)

- Can be part of any area
- Interfaces with other routing protocols
  - BGP, RIP, IS-IS, OSPF, ...
- Injects external routes into OSPF
- ASBR notion is independent of backbone, internal or ABR router

Stub(by) area

- A stub(by) area is an area into which no external routing information is injected by the ABRs
  - It uses a default route for all external destinations
  - The default route is injected by all ABRs
- A totally stubby area is a stubby area into which not even inter-area summaries are injected
- A not so stubby area is a stubby area inside which certain external information is originated and flooded locally

OSPF packet header (24 bytes)

    0        7 8      15 16             31
    | Version |  Type   | Packet length   |
    | Router ID                           |
    | Area ID                             |
    | Checksum          | AuType          |
    | Authentication                      |

OSPF packet header fields

    Field           Meaning
    Version         2
    Type            1-5 (see next slide)
    Packet length   Total length, including this header
    Router ID       ID of packet sending router
    Area ID         The area a packet belongs to (is destined for)
    Checksum        One's complement checksum
    AuType          Null, Simple or Crypto
    Authentication  Pointer to message digest (Crypto)

OSPF packet types

    Type  Meaning
    1     Hello
    2     Database Description
    3     Link State Request
    4     Link State Update [4]
    5     Link State Acknowledgement [5]

[4] These contain the Link State Advertisements
[5] Don't confuse these with LSAs
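
A parser for the 24-byte header laid out above, as an added example (not code from the slides). Function names and the sample packet are constructed for illustration. The rule that the checksum skips the 8-byte Authentication field, and is not computed with Crypto authentication, comes from RFC 2328 rather than from the slides.

```python
import ipaddress
import struct

PACKET_TYPES = {1: "Hello", 2: "Database Description", 3: "Link State Request",
                4: "Link State Update", 5: "Link State Acknowledgement"}
AU_TYPES = {0: "Null", 1: "Simple", 2: "Crypto"}

def ones_complement_checksum(data: bytes) -> int:
    """Standard IP checksum: complement of the 16-bit one's complement sum."""
    if len(data) % 2:
        data += b"\x00"                       # pad odd-length input with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ospf_header(packet: bytes) -> dict:
    """Parse and sanity-check the 24-byte OSPFv2 header of a raw OSPF packet."""
    if len(packet) < 24:
        raise ValueError("truncated: the OSPF header is 24 bytes")
    version, ptype, length, router_id, area_id, _checksum, au_type = struct.unpack(
        "!BBH4s4sHH", packet[:16])
    if version != 2 or ptype not in PACKET_TYPES or au_type not in AU_TYPES:
        raise ValueError("not a well-formed OSPFv2 header")
    if not 24 <= length <= len(packet):
        raise ValueError("Packet length field does not fit the received data")
    # The checksum covers the packet minus the 8-byte Authentication field; with
    # Crypto authentication it is not computed at all (RFC 2328).
    checksum_ok = None
    if au_type != 2:
        checksum_ok = ones_complement_checksum(packet[:16] + packet[24:length]) == 0
    return {
        "type": PACKET_TYPES[ptype],
        "length": length,
        "router_id": str(ipaddress.IPv4Address(router_id)),
        "area_id": str(ipaddress.IPv4Address(area_id)),
        "au_type": AU_TYPES[au_type],
        "checksum_ok": checksum_ok,
        # A checksum only catches corruption; only Crypto carries a message digest.
        "integrity_protected": au_type == 2,
    }

def build_sample_hello() -> bytes:
    """Constructed sample: Hello from router 192.0.2.1, area 0, Null authentication."""
    body = struct.pack("!4sHBBI4s4s", bytes([255, 255, 255, 0]), 10, 0x02, 1, 40,
                       bytes([192, 0, 2, 1]), bytes(4))
    head = struct.pack("!BBH4s4sHH", 2, 1, 24 + len(body),
                       bytes([192, 0, 2, 1]), bytes(4), 0, 0)
    checksum = ones_complement_checksum(head + body)
    return head[:12] + struct.pack("!H", checksum) + head[14:] + bytes(8) + body

if __name__ == "__main__":
    print(parse_ospf_header(build_sample_hello()))
```
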

OSPF Hello packet (20 + N × 4 bytes)

    0               15 16     23 24     31
    | Network Mask                        |
    | HelloInterval   | Options | Rtr Pri |
    | RouterDeadInterval                  |
    | Designated Router                   |
    | Backup Designated Router            |
    | Neighbor #1                         |
    | ...                                 |
    | Neighbor #N                         |

    Neighbor is repeated for each neighbor that is alive

OSPF Hello packet fields

    Field                     Meaning
    Network Mask              Subnet mask of link
    HelloInterval             Interval in seconds between hello packets
    Options                   Multiple metrics (T [6]); no stub area (E); ...
    Rtr Pri                   Router priority, used for (B)DR election
    RouterDeadInterval        Interval to consider a silent neighbor dead
    Designated Router         IP address of DR
    Backup Designated Router  IP address of BDR
    Neighbor                  Living neighbor Router IDs

[6] Deprecated because of lack of experience with TOS

OSPF DD packet (8 + N × 20 bytes)

    0               15 16     23 24          31
    | Interface MTU   | Options | 00000 I M MS |
    | DD sequence number                       |
    | LSA header #1                            |
    | ...                                      |
    | LSA header #N                            |

    The LSA headers are a fragment of the database with only headers
    The LSA headers include age and sequence number

OSPF DD packet fields

    Field               Meaning
    Interface MTU       Detection of MTU mismatch
    Options             Same as for Hello packets
    I                   Init bit (first packet)
    M                   More bit (more packets follow)
    MS                  Master/Slave bit
    DD sequence number  For use in the lockstep exchange
    LSA header          Link state database LSA instance identity [7]

[7] Specific LSA instance, including age and sequence number

OSPF LS request packet (N × 12 bytes)

    0                                   31
    | LS type                             |
    | Link State ID                       |
    | Advertising Router                  |

    Multiple occurrences

OSPF LS request packet fields

    Field               Meaning
    LS type             Link type of the LSA
    Link State ID       ID of (link type specific part of) the LSA
    Advertising Router  Router ID of originating router

These three fields are part of the LSA header. Note that these request packets do not include an age or sequence number. Together these entries uniquely identify an LSA, but not an LSA instance. The Database Description packets refer to a specific LSA instance, but still without actual data.

OSPF LS Update packet

    0                                   31
    | # LSAs (N)                          |
    | LSA #1                              |
    | ...                                 |
    | LSA #N                              |

    N occurrences

OSPF LS Update packet fields

    Field    Meaning
    # LSAs   Number of LSAs inside the update packet
    LSA #i   A complete Link State Advertisement

Link State Updates contain complete and specific instances of Link State Advertisements (LSAs) with all relevant data. The LSAs have a variable size, depending on LS type.

OSPF LS Acknowledgement packet (N × 20 bytes)

    0                                   31
    | LSA header #1                       |
    | ...                                 |
    | LSA header #N                       |

    N occurrences

OSPF LS Acknowledgement packet fields

    Field          Meaning
    LSA header #i  A complete Link State Advertisement header

Link State Acknowledgements again refer to specific instances, but contain no actual data.

Link State Advertisements

- Multiple LSAs may be found inside a Link State Update packet
- Every LSA consists of
  - LSA header (20 bytes)
  - LS(A) type specific content

LSA header (20 bytes)

    0               15 16     23 24     31
    | LS age          | Options | LS type |
    | Link State ID                       |
    | Advertising Router                  |
    | LS sequence number                  |
    | LS Checksum     | Length            |

LSA header fields

    Field               Meaning
    LS age              Time in seconds since the LSA was originated
    Options             Same as for Hello packets
    LS type             Link type of the LSA (see next slide)
    Link State ID       ID of (link type specific part of) the LSA
    Advertising Router  Router ID of originating router
    LS sequence number  Used for most recent check of LSA packets
    LS Checksum         The Fletcher checksum of the LSA (without age)
    Length              Length in bytes of the LSA, including the header

LS types

    LS Type  Meaning
    1        Router LSA
    2        Network LSA
    3        Network Summary LSA
    4        AS Boundary Router Summary LSA
    5        AS External LSA
    7        NSSA LSA (see next slide)

Topological (1,2), prefix (3,5,7) and mixed (4) information

NSSA

- NSSA stands for Not So Stubby Area
- Support for certain external routes throughout the area itself
- NSSA uses its own special type (7)
- These LSAs are translated at the ABR into ordinary external LSAs (type 5) for the rest of the OSPF domain
- It is common to inject a type 7 default route from the NSSA boundary router(s) into the NSSA

Link State IDs

    LS Type  Link State ID meaning
    1        Router ID of originating router
    2        IP address of the network's DR
    3        The destination network's prefix
    4        Router ID of described ASBR
    5        The destination network's prefix
    7        The destination network's prefix

Router LSA (LS type = 1) without header

    0        7 8      15 16             31
    | 0 V E B |    0    | # Links         |
    | Link ID                             |  \
    | Link Data                           |   | repeated # Links times
    | Type    | # TOS   | Metric          |   |
    | TOS     |    0    | TOS metric      |  /  (# TOS times [8])

- Originated by every router
- Flooded throughout the area(s) the router belongs to

[8] For backward compatibility (but never really implemented or used)

Router LSA fields

    Field      Meaning
    V          Router is virtual link endpoint
    E          Router is AS Boundary Router
    B          Router is Area Border Router
    # Links    Number of router links described
    Link ID    ID of the connected network
    Link Data  Extra information on network
    Type       Type of connected network
    # TOS      Number of extra TOSs (usually 0)
    Metric     Cost of link

Router LSA type field

    Type  Meaning
    1     Point-to-point link
    2     Transit network
    3     Stub network
    4     Virtual link

Router LSA Link ID field

    Type  Meaning
    1     Router ID of neighbor router
    2     IP address of Designated Router
    3     IP (sub)network number [9]
    4     Router ID of neighbor router

[9] This can also be a host (with a /32 mask in the link data)

Router LSA Link Data field

    Type  Meaning
    1     Originating router's interface IP address
    2     Originating router's interface IP address
    3     Connected (sub)network mask
    4     Originating router's interface IP address

Network LSA (LS type = 2) without header

4 + N × 4 bytes

    0                                   31
    | Network Mask                        |
    | Attached Router                     |  } Repeated for each attached router

- Originated by Designated Router
- Flooded throughout the area
- No metric included
  - but see RFC 8042 ("OSPF Two-Part Metric")

Network LSA fields

    Field            Meaning
    Network Mask     (Sub)network mask [10]
    Attached Router  Router ID of router(s) on network

[10] Where is the network itself defined?

Summary LSA (type = 3, 4) without header

    0        7 8                        31
    | Network Mask [11]                   |
    |    0    | Metric                    |
    |   TOS   | TOS metric                |  } for each desired TOS

- Originated by Area Border Router
- Flooded throughout the area(s)

Summary LSA fields

    Field              Meaning
    Network Mask [12]  Address mask for the advertised destination
    Metric             Cost to advertised destination

[11] Only relevant for type 3
[12] Only relevant for type 3

AS External LSA (LS type 5 and 7) without header

    0        7 8                        31
    | Network Mask                        |
    | E  0    | Metric                    |
    | Forwarding address                  |
    | External Route Tag                  |
    | E  TOS  | TOS metric                |  \
    | Forwarding address                  |   } for each desired TOS
    | External Route Tag                  |  /

- Originated by AS Boundary Router
- Flooded throughout the whole AS (type 5)
- Flooded throughout NSSA (type 7)

AS External LSA fields

    Field               Meaning
    Network Mask        Address mask for the advertised destination
    E                   External cost is higher than internal cost
    Metric              Cost to advertised destination
    Forwarding address  Comparable to Next Hop in RIP
    External Route Tag  Comparable to Route Tag in RIP

[Figure: Representation of routers and networks. Source: RFC 2328]

[Figure: Representation of point to multipoint networks. Source: RFC 2328]

[Figure: Example OSPF network from RFC 2328. Source: RFC 2328]

[Figure: The directed graph for the example network. Source: RFC 2328]

[Figure: The shortest path tree from router RT6. Source: RFC 2328]
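
How Router and Network LSAs become a directed graph and a shortest path tree, as an added example (not from the slides or RFC 2328). The three-router database, the addresses and the function names are constructed for illustration. The back-link test is the one RFC 2328 section 16.1 applies to transit vertices; stub networks are simply treated as leaves here, which gives the same costs as the RFC's separate second stage.

```python
import heapq

# Constructed link state database for one area (not from the page).
# Router LSAs: Router ID -> [(link type, Link ID, metric)], types as in the table above.
ROUTER_LSAS = {
    "10.0.0.1": [(2, "192.0.2.1", 1), (1, "10.0.0.3", 8)],
    "10.0.0.2": [(2, "192.0.2.1", 1), (3, "198.51.100.0", 3)],
    "10.0.0.3": [(1, "10.0.0.1", 8), (2, "192.0.2.1", 2)],
}
# Network LSAs: Link State ID (the DR's IP address) -> attached Router IDs.
# 10.0.0.3 claims the transit network, but the DR does not list it as attached.
NETWORK_LSAS = {"192.0.2.1": ["10.0.0.1", "10.0.0.2"]}

VERTEX_KIND = {1: "router", 2: "network", 3: "stub", 4: "router"}

def edges(vertex):
    """Outgoing (neighbour, cost) pairs of a vertex in the directed graph."""
    kind, ident = vertex
    if kind == "router":
        return [((VERTEX_KIND[t], link_id), metric)
                for t, link_id, metric in ROUTER_LSAS.get(ident, [])]
    if kind == "network":        # virtual node: cost 0 from the network to each router
        return [(("router", rid), 0) for rid in NETWORK_LSAS.get(ident, [])]
    return []                    # stub networks are leaves

def spf(root_id, check_back_link=True):
    """Dijkstra from one router; returns (cost, parent) maps keyed by vertex."""
    root = ("router", root_id)
    cost, parent, done = {root: 0}, {root: None}, set()
    heap = [(0, root)]
    while heap:
        d, v = heapq.heappop(heap)
        if v in done:
            continue
        done.add(v)
        for w, metric in edges(v):
            # A transit vertex is only used if its own LSA has a link back to v.
            if check_back_link and w[0] != "stub" and all(n != v for n, _ in edges(w)):
                continue
            if d + metric < cost.get(w, float("inf")):
                cost[w], parent[w] = d + metric, v
                heapq.heappush(heap, (d + metric, w))
    return cost, parent

def path(parent, vertex):
    """Walk the parent pointers back to the root of the shortest path tree."""
    hops = []
    while vertex is not None:
        hops.append(vertex[1])
        vertex = parent[vertex]
    return hops[::-1]
```

With the back-link test, 10.0.0.3 reaches 10.0.0.2 through 10.0.0.1 at cost 9. Without it, the one-sided claim on the transit network would be trusted and the cost would drop to 2.
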

[Figure: Router (RT12) and network (N9) LSAs. Source: RFC 2328]

OSPF for IP version 6

- Also referred to as OSPFv3
- Published as RFC 5340
- Extensive, incompatible modification of OSPFv2
  - Therefore needs a new version number (3)
- Basic functionality is the same
  - Flooding, areas, SPT, (B)DRs, ...

Important changes

- All addressing semantics moved to LSA payload
- Works per-link instead of per-subnet
  - Introduces a new link-lsa
- Introduces explicit flooding scope
  - Link scope, Area scope and AS scope
- Removes authentication from packet header
  - Authentication uses AH and ESP headers

Router and network LSAs

- Do not contain address information any more
  - Only topological connectivity
  - No IPv6 prefix information
  - Network protocol independent
- Prefix information on transit and stub networks is inside a new intra-area-prefix-lsa

- Link-LSAs now distribute
  - Link local addresses of routers
  - IPv6 prefixes used on the link
  - Option announcements for network LSAs

LSA renamings

- Type-3 summary-lsas are now called inter-area-prefix-lsas
- Type-4 summary LSAs are now called inter-area-router-lsas