OSPF
What It Is
Open Shortest Path First is a link-state interior gateway protocol. Routers exchange link-state advertisements, build a shared link-state database for an area, and calculate shortest paths with Dijkstra SPF. OSPF is still common in enterprise, service provider, data center, and lab networks, but the modern design target is usually clean areas, clear summarization, authentication where supported, and fewer clever special cases.
Core Attributes
| Attribute | OSPFv2 | OSPFv3 |
|---|---|---|
| Primary use | IPv4 routing | IPv6 routing, also address families on some platforms |
| Transport | IP protocol 89 | IP protocol 89 |
| Multicast all SPF routers | 224.0.0.5 | ff02::5 |
| Multicast all DR routers | 224.0.0.6 | ff02::6 |
| Administrative distance on Cisco | 110 | 110 |
| Metric | Cost | Cost |
| Algorithm | Dijkstra SPF | Dijkstra SPF |
Modern note: OSPFv2 is for IPv4. OSPFv3 was built for IPv6 and has different operational details. Do not assume every OSPFv2 command maps directly to OSPFv3.
Packet Types
| Type | Packet | Purpose |
|---|---|---|
| 1 | Hello | Neighbor discovery and keepalive |
| 2 | Database Description | Summary of LSDB contents during adjacency build |
| 3 | Link State Request | Requests missing or newer LSAs |
| 4 | Link State Update | Carries LSAs |
| 5 | Link State Acknowledgment | Confirms LSA receipt |
Neighbor States
| State | Meaning | What To Check If Stuck |
|---|---|---|
| Down | No hellos received | Interface, multicast, timers |
| Attempt | NBMA neighbor configured but not heard | NBMA config |
| Init | Hello received, but not bidirectional | Neighbor sees you, masks, ACLs |
| 2-Way | Bidirectional hello | Normal on DROTHER to DROTHER |
| ExStart | Master/slave negotiation | MTU mismatch, duplicate router ID |
| Exchange | Database summaries exchanged | MTU, packet loss |
| Loading | Requesting missing LSAs | LSDB mismatch, packet loss |
| Full | Databases synchronized | Healthy adjacency |
Watch out: 2-Way is normal between non-DR routers on a broadcast segment. Do not troubleshoot it like a failure unless the neighbor should be DR or BDR adjacent.
LSAs And Areas
| LSA Type | Name | Scope | Purpose |
|---|---|---|---|
| 1 | Router | Area | Router links inside an area |
| 2 | Network | Area | Multiaccess segment represented by DR |
| 3 | Summary | Inter-area | Prefixes advertised by ABR |
| 4 | ASBR Summary | Inter-area | Path to an ASBR |
| 5 | External | AS | External routes redistributed into OSPF |
| 7 | NSSA External | NSSA | External routes inside NSSA, translated by ABR |

| Area Type | Allows Type 5 | Allows Type 7 | Default Route Behavior |
|---|---|---|---|
| Standard | Yes | No | Not automatic |
| Stub | No | No | ABR injects default |
| Totally stubby | No | No | ABR injects default and suppresses most summaries |
| NSSA | No | Yes | Optional default depending on config |
| Totally NSSA | No | Yes | Default plus reduced summaries |
Design note: Area types should reduce complexity, not create surprises. If the team cannot quickly explain why an area is NSSA or totally stubby, the design may be too clever.
Network Types
| Network Type | DR/BDR | Default Hello / Dead | Common Use |
|---|---|---|---|
| Broadcast | Yes | 10 / 40 seconds | Ethernet VLANs |
| Point-to-point | No | 10 / 40 seconds | Routed links |
| Nonbroadcast | Yes | 30 / 120 seconds | Legacy NBMA |
| Point-to-multipoint | No | 30 / 120 seconds | Hub and spoke when supported |
Modern note: On Ethernet point-to-point routed links, setting OSPF network type point-to-point can remove unnecessary DR/BDR behavior.
Metrics
OSPF cost is based on interface bandwidth by default on many platforms. Cisco historically used a 100 Mbps reference bandwidth unless changed.
| Link Speed | Cost With 100 Mbps Ref | Cost With 100 Gbps Ref |
|---|---|---|
| 100 Mbps | 1 | 1000 |
| 1 Gbps | 1 | 100 |
| 10 Gbps | 1 | 10 |
| 100 Gbps | 1 | 1 |
Watch out: If every fast link has cost 1, OSPF cannot prefer 100 Gbps over 1 Gbps by cost. Set reference bandwidth consistently across the OSPF domain.
DR And BDR Election
| Rule | Behavior |
|---|---|
| Highest priority wins | Priority range is commonly 0 to 255 |
| Priority 0 | Cannot become DR or BDR |
| Tie breaker | Highest router ID wins |
| No preemption | Existing DR remains until failure or reset |
| Only some network types | Broadcast and NBMA elect DR/BDR |
Design note: In a VLAN with many routers, make the intended routers DR and BDR. In point-to-point designs, avoid DR/BDR where it is unnecessary.
Cisco IOS/IOS-XE Examples
Interface-based OSPF:
```
router ospf 100
 router-id 10.255.0.1
 auto-cost reference-bandwidth 100000
 passive-interface default
 no passive-interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/1
 description Routed link to DIST-02
 ip address 10.0.12.1 255.255.255.252
 ip ospf 100 area 0
 ip ospf network point-to-point
```
Area summarization on an ABR:
```
router ospf 100
 area 10 range 10.10.0.0 255.255.252.0
```
Stub area:
```
router ospf 100
 area 20 stub
```
Authentication example:
```
interface GigabitEthernet1/0/1
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 ExampleKey
```
Notes:
- MD5 examples exist because they are still seen in OSPFv2 brownfield networks. Prefer stronger platform-supported authentication where available.
- Use `passive-interface default` so OSPF does not send hellos toward endpoints by accident.
- Keep `auto-cost reference-bandwidth` consistent on every router in the OSPF domain.
- Use interface OSPF config when possible. It is harder to accidentally match the wrong network than with wildcard `network` statements.
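
The notes above translate into a config check. This is an added example, not part of the original page or any vendor tooling: a Python audit of an IOS-style config for active OSPF interfaces and their authentication. The sample config, function names and finding strings are assumptions made for the example, and area-level authentication under `router ospf` is not inspected.

```python
import re

# Constructed sample: one MD5 link, one unauthenticated active link, one passive SVI.
SAMPLE_CONFIG = """\
router ospf 100
 passive-interface default
 no passive-interface GigabitEthernet1/0/1
 no passive-interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/1
 ip ospf 100 area 0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 ExampleKey
!
interface GigabitEthernet1/0/2
 ip ospf 100 area 0
!
interface Vlan20
 ip ospf 100 area 20
"""

def parse_blocks(config):
    """Map each top-level line (e.g. 'interface Vlan20') to its indented sub-commands."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith(" ") and current is not None:
            current.append(line.strip())
        elif line.strip() not in ("", "!"):
            current = blocks.setdefault(line.strip(), [])
    return blocks

def audit(config):
    """Return findings. Assumption: only interface-level authentication is inspected."""
    blocks = parse_blocks(config)
    ospf = [c for h, cmds in blocks.items() if h.startswith("router ospf") for c in cmds]
    passive_default = "passive-interface default" in ospf
    findings = [] if passive_default else ["router: passive-interface default is not set"]
    active = {c.split()[-1] for c in ospf if c.startswith("no passive-interface ")}
    for head, cmds in blocks.items():
        name = head.split()[-1]
        in_ospf = head.startswith("interface ") and any(re.match(r"ip ospf \d+ area ", c) for c in cmds)
        if not in_ospf or (passive_default and name not in active):
            continue  # not an OSPF interface, or passive (no hellos, no adjacency)
        auth = [c.split()[3:] for c in cmds if c.split()[:3] == ["ip", "ospf", "authentication"]]
        if not auth or auth[0] == ["null"]:
            findings.append(f"{name}: active OSPF interface without authentication")
        elif auth[0] == ["message-digest"]:
            findings.append(f"{name}: MD5 authentication, prefer a stronger supported method")
    return findings
```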
Troubleshooting
| Symptom | Check | Likely Cause |
|---|---|---|
| Neighbor stuck Init | Hellos, ACLs, multicast, router ID visibility | One-way reachability or hello mismatch |
| Neighbor stuck ExStart or Exchange | MTU, duplicate router ID, packet loss | MTU mismatch or negotiation issue |
| Route missing in one area | LSDB, ABR, area type, filters | Summary or stub behavior |
| External route missing | ASBR, redistribution, type 5 or type 7 LSAs | Redistribution or NSSA translation |
| Bad path chosen | Interface cost, reference bandwidth | Inconsistent or default costs |
| OSPF flaps | Logs, interface errors, BFD, timers | Physical instability or aggressive timers |
| Unexpected DR | Priority and router ID | Election happened before intended router joined |
Commands
```
show ip ospf
show ip ospf interface brief
show ip ospf interface GigabitEthernet1/0/1
show ip ospf neighbor
show ip ospf database
show ip route ospf
show ip protocols
```
Expected clues:
- Router ID is unique and intentional.
- Neighbors reach Full where they should.
- Hello and dead timers match.
- Area ID and network type match.
- MTU does not block adjacency formation.
- LSDB contains expected router, network, summary, and external LSAs.
- Route table has the expected OSPF intra-area, inter-area, or external routes.
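
An added example, not from the original page: a Python parser for `show ip ospf neighbor` output that applies the Neighbor States table, treating 2WAY with a DROTHER neighbor as normal. The sample output is constructed, and the column layout is assumed to be the classic IOS one.

```python
import re

# Hints copied from the "Neighbor States" table on this page.
STUCK_HINTS = {
    "DOWN": "Interface, multicast, timers",
    "ATTEMPT": "NBMA config",
    "INIT": "Neighbor sees you, masks, ACLs",
    "EXSTART": "MTU mismatch, duplicate router ID",
    "EXCHANGE": "MTU, packet loss",
    "LOADING": "LSDB mismatch, packet loss",
}

# Constructed sample output; the local router is a DROTHER on Vlan50.
SAMPLE_OUTPUT = """\
Neighbor ID     Pri   State           Dead Time   Address         Interface
10.255.0.2        1   FULL/DR         00:00:35    10.0.50.2       Vlan50
10.255.0.3        1   2WAY/DROTHER    00:00:31    10.0.50.3       Vlan50
10.255.0.4        1   EXSTART/BDR     00:00:38    10.0.50.4       Vlan50
10.255.0.5        0   FULL/  -        00:00:33    10.0.12.2       GigabitEthernet1/0/1
10.255.0.6        1   INIT/DROTHER    00:00:39    10.0.60.6       Vlan60
"""

# Neighbor ID, priority, STATE/role (role may be "-" with padding), dead time, address, interface.
ROW = re.compile(r"^(\d+\.\d+\.\d+\.\d+)\s+\d+\s+([A-Z0-9]+)/\s*(\S+)\s+\S+\s+\S+\s+(\S+)$")

def triage(output):
    """Return (neighbor_id, interface, state, hint) for adjacencies that need a look."""
    problems = []
    for line in output.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header or unrelated line
        rid, state, role, intf = m.groups()
        if state == "FULL" or (state == "2WAY" and role == "DROTHER"):
            continue  # healthy, or the normal DROTHER-to-DROTHER case
        if state == "2WAY":
            hint = f"neighbor is {role}; adjacency should reach Full"
        else:
            hint = STUCK_HINTS.get(state, "unrecognized state")
        problems.append((rid, intf, state, hint))
    return problems
```

Intermediate states are transient while an adjacency forms, so treat a row as stuck only when it shows the same state across repeated captures.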
Watch Out
- Do not build area 0 through hope. ABRs need real backbone connectivity unless a temporary virtual link is justified.
- Do not leave all fast links at cost 1.
- Do not redistribute routes without tags, filters, and a clear reason.
- Do not use virtual links as a permanent design crutch.
- Do not ignore duplicate router IDs. They create strange adjacency and LSDB behavior.
- Do not make every interface active in OSPF. Passive by default is safer.