Network statements in the OSPF process are no longer order-dependent

When I was still teaching Cisco courses, we were telling the students that the order of network statements in an OSPF process was important if their ranges were overlapping; the first network statement that matched an interface IP address would place that interface in the corresponding area. This is no longer true, Cisco IOS now properly handles overlapping network ... area configuration commands.
Consider the following example:

fw#conf t
Enter configuration commands, one per line. End with CNTL/Z.
fw(config)#router ospf 100
fw(config-router)#network 0.0.0.0 255.255.255.255 area 0
fw(config-router)#network 10.0.0.0 0.0.3.255 area 1
13:06:57: %OSPF-6-AREACHG: 10.0.0.0 255.255.252.0 changed from area 0 to area 1
fw(config-router)#network 10.0.0.0 0.0.0.7 area 2
13:07:10: %OSPF-6-AREACHG: 10.0.0.0 255.255.255.248 changed from area 1 to area 2
fw(config-router)#^Z
I've entered overlapping network statements, each one with a smaller address range. Not only does IOS detect that they overlap, it also prints nice syslog messages and reorders the commands in the running configuration. Well done !
fw#show run | begin router ospf
router ospf 100
log-adjacency-changes
network 10.0.0.0 0.0.0.7 area 2
network 10.0.0.0 0.0.3.255 area 1
network 0.0.0.0 255.255.255.255 area 0

5 comments:

  1. thanks for this awesome site! i am studying for my ccie and am reviewing ospf now. i thought that the ospf network statements were executed top to bottom like an access list (if a match, then exit), but i now see correctly. :)

    ReplyDelete
  2. Do you know from which release this feature is integrated?

    ReplyDelete
  3. No idea ... even the 12.4 documentation still claims (incorrectly) that the network statements are processed sequentially in the order they were entered.

    ReplyDelete
  4. Hi Ivan!

    FYI: I've just performed some tests w/ 3640's image and can confirm that changes in order dependency took place somewhere between 11.3T and 12.0:

    11.3(9)T:
    ---------
    #sh startup
    [snip]
    !
    router ospf 1
    network 0.0.0.0 255.255.255.255 area 0.0.0.0
    network 172.16.0.0 0.0.255.255 area 0.0.0.1
    network 172.16.2.0 0.0.1.255 area 0.0.0.2
    network 172.16.3.0 0.0.0.255 area 0.0.0.3
    !

    #sh run
    [snip]
    !
    router ospf 1
    network 0.0.0.0 255.255.255.255 area 0.0.0.0
    !

    Note: When I try to enter initial ospf's config via CLI it alarms for each subsequent entry after 0.0.0.0/255.255.255.255:

    % OSPF: "network 172.16.0.0 0.0.255.255 area 0.0.0.1" is ignored. It is a subset of a previous entry.


    12.0(14):
    ---------

    #sh startup
    [snip]
    !
    router ospf 1
    network 0.0.0.0 255.255.255.255 area 0.0.0.0
    network 172.16.0.0 0.0.255.255 area 0.0.0.1
    network 172.16.2.0 0.0.1.255 area 0.0.0.2
    network 172.16.3.0 0.0.0.255 area 0.0.0.3
    !

    #sh run
    [snip]
    !
    router ospf 1
    network 172.16.3.0 0.0.0.255 area 0.0.0.3
    network 172.16.2.0 0.0.1.255 area 0.0.0.2
    network 172.16.0.0 0.0.255.255 area 0.0.0.1
    network 0.0.0.0 255.255.255.255 area 0.0.0.0
    !

    #sh log
    [snip]

    %OSPF-6-AREACHG: 172.16.0.0/16 changed from area 0.0.0.0 to area 0.0.0.1

    %OSPF-6-AREACHG: 172.16.2.0/23 changed from area 0.0.0.1 to area 0.0.0.2

    %OSPF-6-AREACHG: 172.16.3.0/24 changed from area 0.0.0.2 to area 0.0.0.3

    [snip]

    HTH!

    ReplyDelete
  5. Thanks. This is great information :))

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.