OSPF Router ID and Loopback Interface Myths

Daniel Dib wrote a nice article describing the history of the loopback interface1, triggering an inevitable mention of the role of a loopback interface in OSPF and related flood of ancient memories on my end.

Before going into the details, let’s get one fact straight: an OSPF router ID was always (at least from the days of OSPFv1 described in RFC 1133) just a 32-bit identifier, not an IPv4 address2. Straight from the RFC 1133:

Router ID a 32-bit number that uniquely identifies this router in the AS. One possible implementation strategy would be to use the smallest IP interface address belonging to the router.

Someone within Cisco focused too much on the latter part of the above paragraph, resulting in decades-long insistence on OSPF router ID being an interface IPv4 address3. That slant persisted as the informal OSPF lore spread across other vendors4.

However, compared to what we have to deal with today, the initial implementation attempts were particularly “interesting”5. Here’s how I remember Cisco’s slow realization of the gap between theory and practice6:

  1. Initially, Cisco would pick the highest IP address of any interface configured on the box as the router ID.
  2. Even worse, they would change the router ID if that interface went down, resulting in a temporary loss of a router node for no good reason.
  3. Losing a transit router just because an interface flapped eventually bothered enough customers to trigger a change in the router ID selection algorithm. They figured out that using a loopback interface IPv4 address as a router ID makes for more stable networks, so the above rule #1 was changed into ’the highest loopback IPv4 address, or the highest IPv4 address if the device has no loopbacks'
  4. Years later7, we got the router-id command.
Fun fact: according to Cisco IOS IPv6 command reference, the ipv6 router ospf command was added in IOS release 12.2(15)T and it took until IOS release 15.2T to get the router-id OSPFv3 configuration command.
  1. Sometime during that journey, they got to a point where a loss of an interface no longer triggered a change in the router ID. Even changing the interface IP address that was used as the router ID no longer changes the router ID (you have to clear the OSPF process to change it). Mission Accomplished.

However, based on the my experience writing OSPF-in-VRFs netlab configuration templates for numerous devices, Cisco IOS is the only device that still treats OSPF router ID as something special8.

All other devices are perfectly happy to start multiple OSPF processes with the same router ID9; Cisco IOS (and IOS/XE) refuses to do that, rejects duplicate statically-configured router-id10, and uses the above algorithm to pick a different OSPF router ID for every VRF OSPF process. Even worse, if you configure two OSPFv3 routing processes (without static router IDs) but have a single IPv4 address on the device, one of them won’t start.

  1. If only he would also publish it on his blog for posterity 🤷‍♂️ ↩︎

  2. I was too stupid focused on Cisco’s documentation to realize it at the time when I was creating the Advanced OSPF course. It took me years to figure out it pays to read the RFCs. ↩︎

  3. If I remember correctly, there are modern implementations that expect you to configure explicit router IDs. ↩︎

  4. It looks like none of the vendors mentioned in the first Experience with the OSPF protocol from 1991 are still around. Also, I didn’t know that Dino Farinacci of the EIGRP and LISP fame worked on OSPF at 3com at that time. ↩︎

  5. Some of them falling into the “what were you thinking” category. ↩︎

  6. Yeah, I know that snark is easy with perfect hindsight, but hey, I had to live with all that. Give me some slack ;) ↩︎

  7. In release 12.0T according to Cisco IOS OSPF command reference. ↩︎

  8. To make Cisco IOS pass OSPF-in-VRF integration tests (we use router ID to verify whether the expected OSPF adjacencies are up), we had to add a device quirk that generates different OSPF router IDs for every VRF OSPF instance. No other device we implemented OSPFv2/OSPFv3 for required that quirk. ↩︎

  9. Which is perfectly fine unless you connect multiple OSPF processes running on the same box to the same OSPF network. ↩︎

  10. Another fun fact: while refusing the configured OSPF router ID, Cisco IOS generates an error message that Ansible ios_config module does not recognize as an error. The Ansible playbook configuring OSPF succeeds, but the device is not working the way you’d expect it to work. ↩︎

Recent posts in the same categories

Add comment
Home
Sidebar