top of page
This site was designed with the
.com
website builder. Create your website today.Start Now

​​Summary:

1. Ensure "Shoe" does not form OSPF neighbors on its LAN network (for security reason)

2. Adjust the Hello Timer on the "Sock" WAN interface to send Hello message 1/sec so you can make OSPF recover faster.

3. Create loopback interfaces in such a way that Router IDs are pingable from any router

 

1. Ensure "Shoe" does not form OSPF neighbors on its LAN network

Shoe:

Method 1.

router ospf 1
 passive-interface fa 0/0 !------------------ this disables the hello message, but it still advertises its network to everybody else
 

#Test:

Shoe(config-router)#do sh ip ospf interface
FastEthernet0/0 is up, line protocol is up
  Internet Address 10.1.3.1/24, Area 0
  Process ID 1, Router ID 4.4.4.4, Network Type BROADCAST, Cost: 100
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 4.4.4.4, Interface address 10.1.3.1
  No backup designated router on this network
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    No Hellos (Passive interface)    !-------------------------------------------------- here you see "no hello"
  Supports Link-local Signaling (LLS)
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 0, maximum is 0
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 0, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)
Serial1/0 is up, line protocol is up
  Internet Address 10.1.2.2/24, Area 0
  Process ID 1, Router ID 4.4.4.4, Network Type POINT_TO_POINT, Cost: 6476
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:02  !------------------------------------- serial interface still has hello message
  Supports Link-local Signaling (LLS)
  Index 2/2, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 3.3.3.3
  Suppress hello for 0 neighbor(s)
Shoe(config-router)#



Method 2. (prefered)

router ospf 1
 passive-interface default !------------------------- turn off ospf on all interfaces
 no passive-interface serial 1/0 !------------------- only enable the interface that needs to run ospf

 

2. Adjust the Hello Timer on the "Sock" WAN interface to send Hello message 1/sec so you can make OSPF recover faster.

Sock:


Sock#sh ip ospf interface
FastEthernet0/0 is up, line protocol is up
  Internet Address 10.1.1.3/24, Area 0
  Process ID 1, Router ID 3.3.3.3, Network Type BROADCAST, Cost: 1000
  Transmit Delay is 1 sec, State DROTHER, Priority 1
  Designated Router (ID) 1.1.1.1, Interface address 10.1.1.1
  Backup Designated router (ID) 2.2.2.2, Interface address 10.1.1.2
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:05
  Supports Link-local Signaling (LLS)
  Index 2/2, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 0, maximum is 1
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 2, Adjacent neighbor count is 2
    Adjacent with neighbor 1.1.1.1  (Designated Router)
    Adjacent with neighbor 2.2.2.2  (Backup Designated Router)
  Suppress hello for 0 neighbor(s)
Serial1/0 is up, line protocol is up
  Internet Address 10.1.2.1/24, Area 0
  Process ID 1, Router ID 3.3.3.3, Network Type POINT_TO_POINT, Cost: 6476
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5  !----------------------------- default is 10 sec, and wait 40 seconds
    oob-resync timeout 40
    Hello due in 00:00:00
  Supports Link-local Signaling (LLS)
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 2
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 4.4.4.4
  Suppress hello for 0 neighbor(s)
Sock#



int s1/0
 ip ospf hello-interval 1

#NOTE: you have to do the same on its neighbor router because hello interval has to be matched on both routers

*Mar  3 00:22:15.115: %OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on Serial1/0 from FULL to DOWN, Neighbor Down: Dead timer expired

Sock#sh ip ospf neighbor  !------------------------------------------------------------------------------- You no longer see 4.4.4.4 (Shoe)

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1          10   FULL/DR         00:00:39    10.1.1.1        FastEthernet0/0
2.2.2.2           1   FULL/BDR        00:00:36    10.1.1.2        FastEthernet0/0
Sock#


Shoe:

int s1/0
 ip ospf hello-interval 1


#Test:

Sock#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1          10   FULL/DR         00:00:35    10.1.1.1        FastEthernet0/0
2.2.2.2           1   FULL/BDR        00:00:31    10.1.1.2        FastEthernet0/0
4.4.4.4           0   FULL/  -        00:00:03    10.1.2.2        Serial1/0  !------------------------------------now you see Shoe as the neighbor again
Sock#

 

3. Create loopback interfaces in such a way that Router IDs are pingable from any router

Shoe:

int loopback 0
 ip address 4.4.4.4 255.255.255.255
router ospf 1
 network 4.4.4.4 0.0.0.0 area 0



#Test:

Tie#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     4.0.0.0/32 is subnetted, 1 subnets
O       4.4.4.4 [110/7477] via 10.1.1.3, 00:00:45, FastEthernet0/0   !----------------------------------- now you see the route from Tie
     10.0.0.0/24 is subnetted, 3 subnets
O       10.1.3.0 [110/7576] via 10.1.1.3, 00:00:45, FastEthernet0/0
O       10.1.2.0 [110/7476] via 10.1.1.3, 00:00:45, FastEthernet0/0
C       10.1.1.0 is directly connected, FastEthernet0/0
Tie#


Tie#ping 4.4.4.4     !-----------------------------------------------------------------------------------and you can ping Shoe's loopback from Tie

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/61/84 ms
Tie#




Sock:

int loopback 0
 ip address 3.3.3.3 255.255.255.255
router ospf 1
 network 3.3.3.3 0.0.0.0 area 0


Belt:

int loopback 0
 ip address 2.2.2.2 255.255.255.255
router ospf 1
 network 2.2.2.2 0.0.0.0 area  0


Tie:

int loopback 0
 ip address 1.1.1.1 255.255.255.255
router ospf 1
 network 1.1.1.1 0.0.0.0 area  0

 

 

 

 

 

 

 

 

 

 

 

 

 

 

-Yu
 

bottom of page