Optimization, convergence and scalability

1.4.e i Metrics

General information on “OSPF Metrics”:

• Metric is the second factor which OSPF considers in its path selection
• The metric of a route can be influenced in two ways:
  • Modifying the general interface bandwidth value (not preferred)
  • Modifying the OSPF interface cost (preferred)
  • Modifying the OSPF reference bandwidth (preferred)
• Problem with interface bandwidth value is that it affects other protocols/decisions/… as well
• For modern networks the OSPF reference bandwidth should be set to at least 10G, better 100G
• The default OSPF reference bandwidth is 100Mbit
• Important: Preferred way is the OSPF interface cost and/or OSPF reference bandwidth!

“OSPF Metrics” CLI configuration commands:

## ===========================
## Valid for OSPFv2 and OSPFv3
## ===========================

## Modifying bandwidth value of a specific interface
Router(config)# interface <if>
Router(config-if)# bandwidth <value>


## ======
## OSPFv2
## ======

## Modifying the OSPFv2 cost on a per-interface basis
Router(config)# interface <if>
Router(config-if)# ip ospf cost <value>

## Modifying the OSPFv2 reference bandwidth
Router(config)# router ospf <pid>
Router(config-router)# auto-cost reference-bandwidth <value>


## ======
## OSPFv3
## ======

## Modifying the OSPFv3 cost on a per-interface basis for both address families
Router(config)# interface <if>
Router(config-if)# ospfv3 <pid> cost <value>

## Modifying the OSPFv3 cost on a per-interface basis for a specific address family
Router(config)# interface <if>
Router(config-if)# ospfv3 <pid> [ipv4 | ipv6] cost <value>

## Modifying the OSPFv3 reference bandwidth for the whole process
Router(config)# router ospfv3 <pid>
Router(config-router)# auto-cost reference-bandwidth <value>

## Modifying the OSPFv3 reference bandwidth for a specific address family
Router(config)# router ospfv3 <pid>
Router(config-router)# address-family [ipv4 | ipv6]
Router(config-router-af)# auto-cost reference-bandwidth <value>

1.4.e ii LSA throttling, SPF tuning, fast hello

LSA throttling

General information on “OSPF LSA throttling”:

• With LSA throttling, generating (sending) and receiving of identical LSAs can be modified (timers in milliseconds)
• This is especially useful in networks with many instabilities
• An LSA is considered identical when LSA ID, LSA type and advertising router ID match
• The LSA throttle slows down the LSA generation (sending)
• The LSA arrival slows down LSA receiving
• LSA throttle timers:
  • <start-time>: Initial value to start LSA generation
  • <hold-interval>: Minimum waiting time between two subsequent LSAs, doubles every time (x^2) the same LSA has to be re-generated.
  • <max-time>: The maximum waiting time between two subsequent LSAs, also limits the maximum value of the hold-interval.
• The start-time resets after there’s a full hold-interval without generating an LSA.
• The hold-interval resets after there’s a full max-time without generating an LSA.
• LSA arrival timer: Minimum seconds between two identical LSAs. If a subsequent identical LSA arrives too fast (< LSA arrival timer) it will be dropped.

“OSPF LSA throttling” CLI configuration commands:

## ======
## OSPFv2
## ======

## Configuring LSA throttling for OSPFv2
Router(config)# router ospf <pid>
Router(config-if)# timers throttle lsa <start-time> <hold-interval> <max-time>

## Configuring the LSA arrival timer for OSPFv2
Router(config)# router ospf <pid>
Router(config-if)# timers lsa arrival <milliseconds>


## ======
## OSPFv3
## ======

## Configuring LSA throttling for the whole OSPFv3
Router(config)# router ospfv3 <pid>
Router(config-router)# timers throttle lsa <start-time> <hold-interval> <max-time>

## Configuring LSA throttling for a specific OSPFv3 address family
Router(config)# router ospfv3 <pid>
Router(config-router)# address-family [ipv4 | ipv6]
Router(config-router-af)# timers throttle lsa <start-time> <hold-interval> <max-time>

## Configuring the LSA arrival for the whole OSPFv3 process
Router(config)# router ospfv3 <pid>
Router(config-router)# timers lsa arrival <milliseconds>

## Configuring the LSA arrival for a specific OSPFv3 address family
Router(config)# router ospfv3 <pid>
Router(config-router)# address-family [ipv4 | ipv6]
Router(config-router-af)# timers lsa arrival <milliseconds>

SPF tuning

General information on “OSPF SPF tuning”:

• Same mathematical behavior as “LSA throttling” but for running the SPF algorithm
• This is especially useful in networks with many instabilities
• Used to bundle several incoming LSAs together to run the SPF only once instead of several times
• LSA throttle timers:
  • <start-time>: Initial wait time to start SPF algorithm.
  • <hold-interval>: Minimum waiting time between two subsequent SPF runs, doubles every time (x^2) for each LSA run.
  • <max-time>: The maximum waiting time between two subsequent SPF runs, also limits the maximum value of the hold-interval. Also defines how long the network has to be stable before the hold-interval is reset to start-time.
• The start-time resets after there’s a full hold-interval without receiving an LSA which triggers the SPF.
• The hold-interval resets after theres a full max-time without receiving an LSA which triggers the SPF.

“OSPF SPF tuning” CLI configuration commands:

## ======
## OSPFv2
## ======

## Configuring SPF tuning for OSPFv2
Router(config)# router ospf <pid>
Router(config-if)# timers throttle spf <start-time> <hold-interval> <max-time>


## ======
## OSPFv3
## ======

## Configuring SPF tuning for the whole OSPFv3 process
Router(config)# router ospfv3 <pid>
Router(config-router)# timers throttle spf <start-time> <hold-interval> <max-time>

## Configuring SPF tuning for a specific OSPFv3 address family
Router(config)# router ospfv3 <pid>
Router(config-router)# address-family [ipv4 | ipv6]
Router(config-router-af)# timers throttle spf <start-time> <hold-interval> <max-time>

fast hello

General information on “OSPF fast hello”:

• Only configurable within OSPFv2
• With OSPF fast hellos it’s possible to reduce the convergence time to under 1 second
• This is done by setting the OSPF Dead interval to 1 second and Hello interval to a fraction of 1 second
• Configuration is done per interface, not globally
• If an interface is configured for OSPF fast hellos, the hello interval advertised out of the interface is set to 0 and the interval in incoming hello packets is ignored
• The Dead interval must match between two neighbors
• Good to know: BFD should be used whenever available since it’s more lightweight, therefor less CPU-intensive and failure detection can be as low as 150ms!

“OSPF fast hello” CLI configuration commands:

## ======
## OSPFv2
## ======

## Configuring OSPFv2 fast hello on a per-interface basis
Router(config)# interface <if>
Router(config-if)# ip ospf dead-interval minimal hello-multiplier <multiplier>

1.4.e iii LSA propagation control (area types)

General information on “OSPF LSA propagation control (area types)":

• With the different OSPF area types it’s possible to control which areas allow which LSAs
• More information about LSA propagation control (area types) can be found at 1.4.b Network types, area types

1.4.e iv Stub router

General information on “OSPF Stub router”:

• Stub router != stub area
• A stub router is a non-transit router (also known as “end-of-the-line” router)
• With the stub router it’s possible to forbid OSPF to use a router as transit-router
• When enabled, LSAs will be originated with an infinite metric (65535)
• Useful when an old router needs to be taken out of service
• Important: This feature only affects transit-traffic and not directly connected links!

“OSPF Stub router” CLI configuration commands:

## ======
## OSPFv2
## ======

## Configuring the stub router feature for OSPFv2
Router(config)# router ospf <pid>
Router(config-if)# max-metric router-lsa [arguments]


## ======
## OSPFv3
## ======

## Configuring the stub router feature for the whole OSPFv3 process
Router(config)# router ospfv3 <pid>
Router(config-router)# max-metric router-lsa [arguments]

## Configuring the stub router feature for a specific OSPFv3 address family
Router(config)# router ospfv3 <pid>
Router(config-router)# address-family [ipv4 | ipv6]
Router(config-router-af)# max-metric router-lsa [arguments]

1.4.e v Loop-free alternate

IP FRR

General information on “OSPF IP FRR”:

• Only configurable within OSPFv2 (on IOS-XE)
• With FRR (Fast ReRoute) it’s possible to install an existing backup/repair path in the FIB
• This can be done on a per-link or per-prefix basis
• This reduces the routing transition to less than 50ms
• Without FRR, OSPF has to re-run the SPF algorithm in the specific area
• OSPF LFA tie-breakers:
  • SRLG (Shared Risk Link Groups): Don’t select a LFA of the same SRLG than the primary path.
  • Primary Path: Prefer a LFA that’s part of ECMP.
  • Interface Disjoint: Don’t select a LFA that uses the same outgoing interface.
  • Lowest Metric: Always select the LFA with the lowest metric.
  • Linecard Disjoint: Don’t select a LFA that uses an interface on the same linecard.
  • Node Protecting: Prefer a LFA that doesn’t pass through the same next-hop router.
  • Broadcast Interface Disjoint: Don’t select a LFA that passes through the same broadcast area as the primary path.
  • Downstream: Don’t select a LFA whose neighbor metric is higher than our own metric (comparable to EIGRP FC).
  • Secondary Path: Prefer a LFA that’s not part of EMCP.
• Important: The order of tie-breakers depends on the used IOS version!
• Example: Even if a alternative path to a destination (with a worse metric) is known, it still takes some time to install it in the RIB. Although this process is fast, it takes longer than IP FRR.

Configuration considerations:

• Prefix-Priority:
  • High: FRR is only calculated for /32 prefixes
  • Low: FRR is calculated for all prefixes
• Keep-all-Paths:
  • Used to install not only one but all available repair-paths to a destination
  • Important: Although all repair-paths are kept, only one will be “active” and all other “ignored”.

“OSPF LFR IP FRR” CLI configuration commands:

## ======
## OSPFv2
## ======

## Configuring IP FRR for OSPFv2
Router(config-router)# fast-reroute per-prefix enable area <id> prefix-priority [high | low]
Router(config-router)# fast-reroute keep-all-paths

“OSPF LFR IP FRR” CLI show commands:

## Showing all repair paths in the RIB
Router# show ip route repair-paths

Remote LFA

General information on “OSPF Remote LFA”:

• Only configurable within OSPFv2 (on IOS-XE)
• Provides FRR for MPLS environments
• Provides a mechanism where if a LFA path from a direct neighbor is not available, traffic can be tunneled to a remote router that delivers the traffic to the destination
• Function is based on up and running LDP and requires targeted LDP sessions to be allowed
• Packets destined for the to-be-protected prefix will be sent to the PQ node via MPLS double-tagged packets
• When the primary path fails, the IP packet is imposed with an extra label (explained based on graphics below):
  • Outer label: Label that R1 has for R3’s loopback address
  • Inner label: Label for 6.6.6.6/32 provided by R3 to R1 over the targeted LDP session
• Remote LFA Terminology (explained based on graphic below):
  • P Space: Set of routers R1 can reach without using the failed link. Calculated with SPT algorithm by using R1 as root.
  • Q Space: Set of routers R5 can reach without using the failed link. Calculated with SPT algorithm by using R1 as root.
  • PQ Node: Router which is common in P and Q space. This is where the remote LFA tunnel is terminated. There could be multiple PQ nodes, but the algorithm only selects one. This router is narrowed down to the one that can reach the to-be-protected prefix without going through R1.

// Graphic missing - Coming soon //

“OSPF LFR Remote LFA” CLI configuration commands:

## ======
## OSPFv2
## ======

## Configuring Remote LFA for OSPFv2
Router(config)# mpls ldp discovery targeted-hello accept

Router(config-router)# fast-reroute per-prefix enable prefix-priority [high | low]
Router(config-router)# fast-reroute per-prefix remote-lfa tunnel mpls-ldp

“OSPF LFR Remote LFA” CLI show commands:

## Showing all available OSPFv2 Remote LFA tunnels
Router# show ip ospf fast-reroute remote-lfa tunnels

1.4.e vi Prefix suppression

General information on “OSPF Prefix suppression”:

• By default, OSPF advertises all transit link LSAs to all routers
• This is unnecessary since a router only needs the information of the next-hop to forward the packet
• This is because traffic will be sent OVER but NOT TO the transit links
• Prefix suppression removes only the prefix information of the transit links, no the transit links themselves
• Suppressing unnecessary LSAs helps in faster SPF calculation and decreases the LSDB
• This only applies to LSA Type 1 and 2
• Can be configured globally or per interface
• Applying the command to an end-host segment removes the reachability of it
• Important: Prefix-Suppression must be disabled on the to-be-used transit-link for virtual-links to work. This is because although the RID is the target of a virtual-link, the transit-link addresses are used to connect them.
• Important: Enabling Prefix-Suppression globally won’t suppress loopbacks, secondary IP addresses and passive-interfaces!

“OSPF Prefix suppression” CLI configuration commands:

## ======
## OSPFv2
## ======

## Disabling/Enabling prefix suppression in OSPFv2 globally
Router(config)# router ospf <pid>
Router(config-router)# [no] prefix-suppression

## Disabling/Enabling prefix suppression in OSPFv2 on a per-interface basis
Router(config)# interface <if>
Router(config-router)# ip ospf prefix-suppression [disable]


## ======
## OSPFv3
## ======

## Disabling/Enabling prefix suppression in OSPFv3 globally
Router(config)# router ospfv3 <pid>
Router(config-router)# [no] prefix-suppression

## Disabling/Enabling prefix suppression in OSPFv3 for a specific address family
Router(config)# router ospfv3 <pid>
Router(config-router)# address-family [ipv4 | ipv6]
Router(config-router-af)# [no] prefix-suppression

## Disabling/Enabling prefix suppression in OSPFv3 on a per-interface basis for both address families
Router(config)# interface <if>
Router(config-if)# ospfv3 <pid> prefix-suppression [disable]

## Disabling/Enabling prefix suppression in OSPFv3 on a per-interface basis for a specific address family
Router(config)# interface <if>
Router(config-if)# ospfv3 <pid> [ipv4 | ipv6] prefix-suppression [disable]