OSPF and ARP on Unnumbered IPv4 Interfaces

After figuring out ARP details, describing how routers use ARP to resolve entries in the IP routing table, and considering what we already know about OSPF on unnumbered IPv4 interfaces, we’re finally ready to answer Daniel’s question:

We’ll use a simple OSPF lab consisting of three Arista cEOS routers with unnumbered point-to-point links. Here’s the netlab topology file describing the lab:

defaults.device: eos
addressing.p2p.ipv4: True
module: [ ospf ]

nodes: [ r1, r2, r3 ]
links: [ r1-r2, r1-r3, r2-r3, r1, r2, r3 ]
Lab topology

Lab topology

Exchanging OSPF Packets

OSPF does not need ARP. OSPF does not work over unnumbered IPv4 interfaces unless you configure them as a point-to-point OSPF link.

On a point-to-point link, OSPF sends all packets to the all routers IP multicast address (224.0.0.5). You don’t need ARP to do that – Section 6.4 of RFC 1112 describes a simple algorithm that translates an IP multicast address into a MAC address.

Routing Table

When OSPF inserts the best routes into the IP routing table, it sets the outgoing interface and the next-hop IP address for each route1:

  • The route toward the IP address the adjacent router uses on the point-to-point link is inserted as a directly connected (no next hop) OSPF route.
  • All other routes going through the OSPF neighbor use the IP address of the neighbor as the next hop.
r1#show ip route ospf interface ethernet 2
...
 O        10.0.0.3/32 is directly connected, Ethernet2
 O        172.16.2.0/24 [110/20] via 10.0.0.3, Ethernet2

However, this trick only works if the neighboring router advertises its IP address on the point-to-point link in its OSPF LSA (remember: the route inserted in the IP routing table must be an OSPF route).

If we disable OSPF on the loopback address of R2, R1 can no longer insert that host route into the IP routing table, and the other routes advertised by R2 become unanchored (they use a next hop that does not exist)

r1#show ip route ospf interface ethernet 1

WARNING: Some of the routes are not programmed in
kernel, and they are marked with '%'.
...
 O%       172.16.1.0/24 [110/20] via 10.0.0.2, Ethernet1

Lessons learned:

  • Use the loopback IP address as the source IP address of the unnumbered interfaces2
  • Make sure the loopback interface3 is advertised by OSPF.

What About ARP?

ARP details and ARP and Static Routes blog posts contain all you need to know; here’s the TL&DR:

  • When trying to resolve the MAC address of the directly connected remote IP address (usually: remote loopback interface), the router sends an ARP request for the remote IP address from the source IP address used on the interface (usually: local loopback interface).
  • The remote router has no problem replying to the ARP request. The requested IP address is used on the interface (usually, ARP works even if you turn off proxy ARP), and the source IP address is not checked.
  • The router receiving the ARP reply knows that the source IP address (of the ARP reply) is reachable through the incoming interface, accepts the ARP reply, and completes the forwarding entry in the IP forwarding table.
  • All other OSPF routes use the remote IP address as the next hop and need no further ARP resolution.

  1. The rest of this section describes Arista EOS behavior. Most OSPF implementations do something similar, but the details may vary. Run your own tests. ↩︎

  2. Arista EOS seems to use the loopback IP address as the source address in the OSPF packets regardless of what you configure with the ip unnumbered command. ↩︎

  3. Or whatever other IP address you’re using as the source IP address of the unnumbered interfaces ↩︎

Latest blog posts in Unnumbered IPv4 Interfaces series

More blog posts in this series

Recent posts in the same categories

1 comments:

  1. Pär Stolpe 01 September 2023 12:06

    Beware of the fact that having more than one ospf link in between the same two nodes, together with unnumbered interfaces for multipathing purposes would most likely cause troubles. I don't know if any vendor have solved it or if they just recommend using link aggregation instead.

    Replies
    1. Jonas Åström 01 September 2023 11:28

      Good point. With the standard Arista design principles for leaf-and-spine (and uplink limitations typical for leaf switches) you would probably most of the time only use a single interface per spine peer. (?)

    2. Ivan Pepelnjak 01 September 2023 12:16

      Nope, it works flawlessly with Arista EOS and Cisco IOS XE

    3. Pär Stolpe 01 September 2023 11:15

      Great that it's not an issue now, at least in those OS's I tried it out some years ago don't remember the exact release now but it didn't play nicely for me back then. https://supportportal.juniper.net/s/article/MX-ACX-Limitations-of-unnumbered-interfaces?language=en_US

    4. Ivan Pepelnjak 02 September 2023 08:42

      Now that you mention it -- I remember a similar restriction on unnumbered VLAN interfaces on Catalyst 7600.

      I was surprised when I first heard about OSPF working over unnumbered Ethernet links, but then figured out most everyone does it correctly, and forgot about the painful history. Thanks for the reminder!

Add comment
Home
Sidebar