Sunday, June 27, 2010

Jeff Doyle's Favorite Interview Question (OSPF)

Today’s post is about one of the most basic OSPF rules.

I was often called upon, in past jobs, to conduct technical interviews with applicants to network engineering and professional services positions. A CCIE and experience commensurate with that certification was typically a gateway to just being considered for a technical interview, so these job candidates were no slouches in what they knew.

Unless the candidate came from a service provider background they probably had no practical MPLS and IS-IS, and only basic BGP, experience. So I usually couldn’t dig very deep there, and only tried to determine their capacity for quickly coming up to speed on those protocols. I did, however, expect every candidate to have extensive experience with OSPF and that’s where I focused most of my questions.

That leads to my favorite technical interview question, one that I asked almost every time. It’s a question that reveals whether a person has some understanding of how the protocol works, rather than just how to configure it. And I am still surprised how often people stumble on it.

Here it is:

Why does OSPF require all traffic between non-backbone areas to pass through a backbone area (area 0)?

The answer is easily derived by comparing three fundamental concepts of link state protocols, concepts that even most OSPF beginners understand.

The first concept is this:

Every link state router floods information about itself, its links, and its neighbors to every other router. From this flooded information each router builds an identical link state database. Each router then independently runs a shortest-path-first calculation on its database – a local calculation using distributed information – to derive a shortest-path tree. This tree is a sort of map of the shortest path to every other router.

One of the advantages of link state protocols is that the link state database provides a “view” of the entire network, preventing most routing loops. This is in contrast to distance vector protocols, in which route information is passed hop-by-hop through the network and a calculation is performed at each hop – a distributed calculation using local information. Each router along a route is dependent on the router before it to perform its calculations correctly and then correctly pass along the results. When a router advertises the prefixes it learns to its neighbors it’s basically saying, “I know how to reach these destinations.” And because each distance vector router knows only what its neighbors tell it, and has no “view” of the network beyond the neighbors, the protocol is vulnerable to loops.

The second concept is this:

When link state domains grow large, the flooding and the resulting size of the link state database become a scaling problem. The problem is remedied by breaking the routing domain into areas: That first concept is modified so that flooding occurs only within the boundaries of an area, and the resulting link state database contains only information from the routers in the area. This, in turn, means that each router’s calculated shortest-path tree only describes the path to other routers within the area.

The third concept is this:

OSPF areas are connected by one or more Area Border Routers (the other main link state protocol, IS-IS, connects areas somewhat differently) which maintain a separate link state database and calculate a separate shortest-path tree for each of their connected areas. So an ABR by definition is a member of two or more areas. It advertises the prefixes it learns in one area to its other areas by flooding Type 3 LSAs into the areas that basically say, “I know how to reach these destinations.”

Wait a minute – what that last concept described is not link state, it’s distance vector. The routers in an area cannot “see” past the ABR, and rely on the ABR to correctly tell them what prefixes it can reach. The SPF calculation within an area derives a shortest-path tree that depicts all prefixes beyond the ABR as leaf subnets connected to the ABR at some specified cost.

And that leads us to the answer to the question:

Because inter-area OSPF is distance vector, it is vulnerable to routing loops. It avoids loops by mandating a loop-free inter-area topology, in which traffic from one area can only reach another area through area 0.
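
The calculation described above, as an added Python example that is not from the original post: a router runs SPF over its own area's link state database, then attaches each Type 3 prefix as a leaf on the advertising ABR at whatever cost the ABR reports. The router names, prefixes and costs are constructed, and the function names are hypothetical.

```python
import heapq

def spf(lsdb, root):
    """Dijkstra over one area's link state database: {router: {neighbor: cost}}."""
    dist = {root: 0}
    heap = [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist.get(node, float("inf")):
            continue  # stale heap entry
        for nbr, cost in lsdb.get(node, {}).items():
            nd = d + cost
            if nd < dist.get(nbr, float("inf")):
                dist[nbr] = nd
                heapq.heappush(heap, (nd, nbr))
    return dist

def inter_area_routes(lsdb, root, type3):
    """Attach Type 3 prefixes as leaves on the advertising ABR.

    type3 is a list of (abr, prefix, advertised_cost). The router cannot see
    past the ABR, so it adds the advertised cost to its own SPF distance to
    the ABR: the distance vector step inside a link state protocol.
    """
    dist = spf(lsdb, root)
    best = {}
    for abr, prefix, adv_cost in type3:
        if abr not in dist:
            continue  # advertising ABR unreachable within this area
        total = dist[abr] + adv_cost
        if prefix not in best or total < best[prefix][0]:
            best[prefix] = (total, abr)
    return best

# Constructed sample: area 1 with internal routers R1, R2 and two ABRs.
AREA1_LSDB = {
    "R1": {"R2": 10, "ABR1": 10},
    "R2": {"R1": 10, "ABR2": 10},
    "ABR1": {"R1": 10},
    "ABR2": {"R2": 10},
}
# Constructed Type 3 LSAs flooded into area 1.
TYPE3 = [
    ("ABR1", "10.2.0.0/16", 30),
    ("ABR2", "10.2.0.0/16", 5),
    ("ABR1", "10.3.0.0/16", 20),
    ("ABR9", "10.4.0.0/16", 1),  # advertiser not in this area's tree
]

if __name__ == "__main__":
    for prefix, (cost, abr) in sorted(inter_area_routes(AREA1_LSDB, "R1", TYPE3).items()):
        print(prefix, "via", abr, "cost", cost)
```

Nothing in the area's database lets R1 or R2 check the advertised costs; the route chosen depends entirely on what each ABR reports.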

This is my little gift to you. The next time you are being interviewed by an old coot that likes to use this question to weed out the cookbook operators from those who actually understand a little about OSPF, you can bring a smile to his grizzled face.

http://www.networkworld.com/community/node/19293


1 comment:

Anonymous said...

Superb..greatly thanks for such nice explanation.