Category: Tags
OSPF
ChatGPT explaining OSPF to a high-school kid
Configuration Tips
This blog started as a collection of (hopefully) helpful configuration tricks, and I documented numerous Cisco IOS configuration tips in the early 2000s.
- Network Statements in the OSPF Process Are No Longer Order-Dependent
- Enhanced OSPF Adjacency Logging
- Network Statements Are No Longer Needed in OSPF Configuration
- Be Smart When Using the OSPF Network Statement
- Increased Number of OSPF processes in MPLS VPN Environments
- OSPF Router-Id Does Not Change When the Interface IP Address Changes
- Subnet Masks in OSPF Network Statements
- OSPF in a VRF Requires a Box-Unique Router ID
- Reverse Lookup of OSPF Router IDs
- Display Interfaces Belonging to a Single OSPF Process
- OSPF Ignores Subnet Mask Mismatch on Point-to-Point Links
- IOS Fossils: OSPF-to-BGP Redistribution
- Limitations of VRF Routing Protocols on Cisco IOS
- IOS Fossils: Classful OSPF Redistribution
- “ip ospf mtu-ignore” Is a Dangerous Command
- OSPF and Connected Networks: To Redistribute or Not?
- Unnumbered OSPF Interfaces in Quagga (and Cumulus)
Implementation Details
Let’s start with the elephant in the room: OSPF areas – a simple concept that got way too convoluted when OSPF started accreting nerd knobs like NSSA areas:
- Primary/Backup Area Border Router Designs
- Do We Still Need OSPF Areas and Summarization?
- OSPF Areas and Summarization: Theory and Reality
- Nerd Knobs Save the Day: NSSA Saga Continues
- Running OSPF in a Single Non-Backbone Area
- OSPF Summarization and Split Areas
- When OSPF Becomes a Distance Vector Protocol
OSPF default routes are another confusing topic. You could have inter-area default routes (used in stub areas) or external default routes that could be conditional or unconditional.
- Inserting Default Route Into OSPF
- OSPF Default Route: Design Scenarios
- tested configuration
- OSPF Default Route Based on IP SLA
- Default Routing in NSSA Area
OSPF adjacencies are another fun troubleshooting topic:
- OSPF Neighbors Stuck in EXSTART
- Troubleshooting OSPF Adjacencies
- Challenge: Establish OSPF Adjacency on a LAN Interface
- OSPF LAN Adjacency Challenge: Final Results
- Challenge: Mixing Numbered and Unnumbered Interfaces
- Mixing Numbered and Unnumbered OSPF Interfaces: Solution
The inimitable forwarding address in type-5 LSA will make your head explode when combined with the NSSA areas.
- OSPF Forwarding Address: Yet Another Kludge
- OSPF Forwarding Address YAK: Take 2
- Why OSPF Needs Forwarding Address With NSSA Areas
- The Unintended Consequences of NSSA Kludges
- More Thoughts on OSPF Forwarding Address
Want even more OSPF details? I documented way too many of them since I started blogging, including:
- Type-1 (Router) LSA in OSPF Topology Database
- OSPF Graceful Shutdown
- More Details on OSPF Route Filters
- Common Sense Prevails Over RFC 2328
- OSPFv3 Router ID: the Long Shadow of IPv4
- OSPF Breaks When Faced With Overlapping IP Addresses
- OSPF Router ID Selection Trivia
- SPF Events in OSPF and IS-IS
- OSPF Router ID Selection: the Gory Details
- OSPF Route Selection Rules
- Change in OSPF Designated Router Creates Extra Network LSAs
- Inter-Process OSPF Route Selection Rules
- Why Is OSPF not Using TCP?
- What Exactly Happens after a Link Failure?
- OSPF Inter-Process Route Selection
- LSA/LSP Flooding in OSPF and IS-IS
- OSPF External Routes (Type-5 LSA) Mysteries
- OSPFv3 on Bird Needs IPv6 LLA on the Loopback Interface
Deploying OSPF
Creative networking engineers often forget an unpleasant truth: OSPF is a single security domain. You should never run it with less-trusted peers, be it your customers, data center servers, or virtual machines.
- Do Not EVER Run OSPF or IS-IS With Your Internet Customers
- Don’t Run OSPF with Your Customers
- Why Would I Use BGP and not OSPF between Servers and the Network?
OSPF by itself is complex enough, but the real fun starts when you combine it with other protocols (for example, BGP and LDP):
- MPLS LDP Autoconfiguration
- Use Slow IGP Startup in LDP-only MPLS Environments
- LDP-IGP Synchronization in MPLS Networks
- OSPF Meets EIGRP
- Fixing the FIB Bottleneck
- Synchronizing BGP and OSPF (or OSPF and LDP)
- Unexpected Interactions Between OSPF and BGP
- Why Do We Need BGP-LS?
Running OSPF in large hub-and-spoke networks (for example, large DMVPN networks) is another tough challenge:
- OSPF Flooding Filters in Hub-and-Spoke Environments
- RIP Rocks in Low-End Hub-and-Spoke Networks
- Can You Run OSPF over DMVPN?
- Sometimes You Need to Step Back and Change Your Design
- OSPF Configuration in Phase 1 DMVPN Network
- Configuring OSPF in a Phase 2 DMVPN network
- More OSPF-over-DMVPN Questions
- DMVPN as a Backup for MPLS/VPN
- OSPF-over-DMVPN Using Two Hub Routers
- Redundant DMVPN designs, Part 1 (The Basics)
- Combining DMVPN with Existing MPLS/VPN Network
While you could use OSPF to get unequal-cost multipathing, you might be tripped by numerous caveats; no wonder there are few implementations of this concept.
- Why Is OSPF (Or IS-IS) Afraid of Unequal-Cost Load Balancing
- Unequal-Cost Multipath in Link State Protocols
- Single-Metric Unequal-Cost Multipathing Is Hard
Finally, you can run OSPF over unnumbered interfaces, be it point-to-point serial links or Ethernet segments:
- Configure OSPF on Unnumbered Interfaces
- Packet Forwarding and Routing over Unnumbered Interfaces
- Running OSPF over Unnumbered Ethernet Interfaces
- OSPF and ARP on Unnumbered IPv4 Interfaces
- OSPF ECMP with Unnumbered IPv4 Interfaces
Rants
Now and then, I couldn’t resist writing an OSPF-related rant:
- Routing Protocols: Perfect Example of RFC 1925 Rule 5
- Stop Googling and Start Testing
- Is OSPF Unpredictable or Just Unexpected?
- Link-State Routing Protocols Are Eventually Consistent
- Building a Small Network with ChatGPT
- Why Is OSPF (and BGP) More Complex than STP?
What Others Are Writing About OSPF
- What I've Learned About Scaling OSPF in Data Centers
- Redistributing Full BGP Feed into OSPF
- OSPF Watcher
Other OSPF Blog Posts
- MPLS Traffic Engineering myths
- WAN Routing in Data Centers with Layer-2 DCI
- Implementing Control-Plane Protocols with OpenFlow
- Routing Protocols on NSX Edge Services Router
- BGP or OSPF? Does Topology Visibility Matter?
- Generating OSPF, BGP and MPLS/VPN Configurations from Network Data Model
- Use VRFs for VXLAN-Enabled VLANs
- FRRouting RIB and FIB
- FRRouting Loopback Interfaces and OSPF Costs
- Must Read: OSPF Protocol Analysis (RFC 1245)
EVPN
ChatGPT trying (and failing) to explain EVPN
What Is EVPN?
Before going into the technical details, let’s start with the basics: What is EVPN, how does it work, and where can you use it?
- What Is EVPN?
- EVPN: The Great Unifying Theory of VPN Control Planes?
- EVPN Is More than VPLS on Steroids
- BGP, EVPN, VXLAN, or SRv6?
- Multivendor EVPN Just Works
- Why Are We Using EVPN Instead of SPB or TRILL?
- VXLAN Broadcast Domain Size Limitations
- Active-Active Data Centers with VXLAN and EVPN
- Comparing EVPN with Flood-and-Learn Fabrics
- Studying EVPN to Prepare for a Job Interview
- Is Dynamic MAC Learning Better Than EVPN?
- Dataplane MAC Learning with EVPN
EVPN Designs
EVPN was designed to be used in an IBGP environment on top of an IGP. With the eruption of EBGP as better IGP hype, many vendors tried to adapt EVPN to an environment running EBGP instead of OSPF. We covered some of the typical EVPN designs in these blog posts:
- BGP in EVPN-Based Data Center Fabrics
- Using EVPN in Very Small Data Center Fabrics
- Pragmatic EVPN Designs
- VXLAN Leaf-and-Spine Fabric
- IBGP Full Mesh Between Leaf Switches
- BGP Route Reflectors Considered Harmful
- Scaling IBGP with Route Reflectors
- EBGP Everywhere
- EVPN EBGP over IPv4 EBGP
- EVPN IBGP over IPv4 EBGP
Other blog posts focus on various design details:
- BGP in EVPN-Based Data Center Fabrics (Updated)
- Scaling EVPN BGP Routing Designs
- Implications of Valley-Free Routing in Data Center Fabrics
- VXLAN and EVPN on Hypervisor Hosts
- When EVPN EBGP Session between Loopbacks Makes Sense
- BGP AS Numbers on MLAG Members
- EVPN/VXLAN or Bridged Data Center Fabric?
- Multi-Vendor EVPN Fabrics
- Layer-3 WAN Handoff (L3Out) in VXLAN/EVPN Fabrics
- VXLAN/EVPN Layer-3 Handoff (L3Out) on Arista EOS
Finally, several blog posts describe various EVPN VPN topologies:
- Simple EVPN/VXLAN Bridging
- Building Layer-3-Only EVPN Lab
- Layer-3-Only EVPN: Behind the Scenes
- Common Services VRF with EVPN Control Plane
- Hub-and-Spoke VPN Topology
- EVPN Hub-and-Spoke Layer-3 VPN
EVPN Implementation Details
There are tons of tiny little things that can go wrong when you try to deploy EVPN. I documented them as I stumbled upon them:
- EVPN Route Target Considerations in EBGP Environment
- Using 4-Byte BGP AS Numbers With EVPN on Junos
- Dissecting IBGP+EBGP Junos Configuration
- Private VLANs With VXLAN
- VMware NSX Killed My EVPN Fabric
- EVPN Route Targets, Route Distinguishers, and VXLAN Network IDs
- EVPN Auto-Rd and Duplicate MAC Addresses
- Next-Hop and VTEP Reachability in EVPN Networks
- Duplicate ARP Replies with Anycast Gateways
- More Arista EOS BGP Route Reflector Woes
- Using EVPN/VXLAN with MLAG Clusters
- DHCP Relaying in EVPN VRFs
- Silent Hosts in EVPN Fabrics
- Repost: Campus-Wide Wireless Roaming with EVPN
- Using Multiple Transit VNIs per EVPN VRF
Beyond VXLAN
While EVPN is often used with VXLAN today, it was designed to work with the MPLS data plane, resulting in a few quirks:
- EVPN With MPLS Data Plane in Data Centers
- Q-in-Q Support in Multi-Site EVPN
- EVPN/MPLS Bridging Forwarding Model
- EVPN VLAN-Aware Bundle Service
- Does EVPN/VXLAN over SD-WAN Make Sense?
- Per-Prefix and Per-VRF MPLS/VPN and EVPN Labels/VNIs
EVPN Rants
Some vendors’ marketing engineers (or Senior Directors) can’t stand anyone telling them their implementation might be suboptimal, going to great lengths to prove to themselves they’re right, and generating beautiful fodder for rants.
- Don’t Sugarcoat the Challenges You Have
- The EVPN Dilemma
- The EVPN/EBGP Saga Continues
- EVPN Control Plane in Infrastructure Cloud Networking
- EVPN/VXLAN Complexity
- On the Viability of EVPN
- Multi-Vendor EVPN Fabrics
- LISP vs EVPN: Mobility in Campus Networks
Videos
You can watch numerous videos from the EVPN Technical Deep Dive webinar without an ipSpace.net account:
- EVPN Multihoming Taxonomy and Overview
- EVPN Multihoming Deep Dive
- MLAG with EVPN
- vPC Fabric Peering with EVPN Multihoming
- Advantages and Drawbacks of EVPN-based Multihoming
What Others Wrote About EVPN
- EVPN in Data Center
- Arista EVPN-Based Automation Virtual Lab
- Switching to IP fabrics
- ARP Problems in EVPN
- EVPN/VXLAN with FRR on Linux Hosts
- Troubleshooting EVPN Control Plane
- Introduction of EVPN at DE-CIX