OSPF Virtual Links – The Details

A little over a year ago I wrote an article on Cisco.com on how to take the OSPF topology table and turn it into a diagram. The goal of that document was to really show how each LSA interacts and creates a network. What has been missing from that document is how Virtual Links work in this context.

ospf_virtual_link

Looking at a simple topology, a Virtual Link is required between R4 and R3 to provide connectivity to R5. I won’t go into the details of the normal connectivity, but starting with R4 we can already see interesting things happening

Mystery 1: DNA Bit

R4#show ip ospf database

            OSPF Router with ID (192.168.0.4) (Process ID 1)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
192.168.0.2     192.168.0.2     701   (DNA) 0x80000002 0x0064A6 1
192.168.0.3     192.168.0.3     1     (DNA) 0x80000002 0x003E12 2
192.168.0.4     192.168.0.4     294         0x80000006 0x0052C7 2
192.168.0.5     192.168.0.5     610         0x80000003 0x0031A1 1

                Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.23.0.2       192.168.0.2     701   (DNA) 0x80000001 0x00D4FE
10.45.0.5       192.168.0.5     610         0x80000002 0x00C5EC

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.12.0.0       192.168.0.2     804   (DNA) 0x80000002 0x00C0EF
10.34.0.0       192.168.0.3     701   (DNA) 0x80000001 0x00B3E6
10.34.0.0       192.168.0.4     294         0x80000002 0x00ABEC

Notice that all LSAs learned over the Virtual Link have the Do Not Age (DNA) bit set. This indicates two things: First R4 won’t expire these LSAs unless explicitly told by R3, but it also means that R3 will never flood these LSAs to R4 again. This is a result of RFC 1793. OSPF considers Virtual Links “demand circuits”, like old dial-up links, and tries to minimize the amount of information sent across them.

The DNA bit set on these LSAs is carried on to R5 as well.

R5#show ip ospf database

            OSPF Router with ID (192.168.0.5) (Process ID 1)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
192.168.0.2     192.168.0.2     702   (DNA) 0x80000002 0x0064A6 1
192.168.0.3     192.168.0.3     2     (DNA) 0x80000002 0x003E12 2
192.168.0.4     192.168.0.4     443         0x80000006 0x0052C7 2
192.168.0.5     192.168.0.5     757         0x80000003 0x0031A1 1

Mystery 2: Building the SPF Tree

The next question to ask is how does OSPF link the LSAs through the virtual link to know where to send the traffic? Let’s look at the link between R1 and R2, 10.12.0.0/24


R4#show ip ospf database summary 10.12.0.0

            OSPF Router with ID (192.168.0.4) (Process ID 1)

                Summary Net Link States (Area 0)

  Routing Bit Set on this LSA in topology Base with MTID 0
  LS age: 804 (DoNotAge)
  Options: (No TOS-capability, DC, Upward)
  LS Type: Summary Links(Network)
  Link State ID: 10.12.0.0 (summary Network Number)
  Advertising Router: 192.168.0.2
  LS Seq Number: 80000002
  Checksum: 0xC0EF
  Length: 28
  Network Mask: /24
        MTID: 0         Metric: 10

First, notice that this has the DoNotAge flag set, since it was learned over the Virtual Link.
Next, the advertising router is 192.168.0.2, which must be an ABR in Area 0, so let’s find the Router LSA for 192.168.0.2

R4# show ip ospf database router 192.168.0.2

            OSPF Router with ID (192.168.0.4) (Process ID 1)

                Router Link States (Area 0)

  Routing Bit Set on this LSA in topology Base with MTID 0
  LS age: 701 (DoNotAge)
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 192.168.0.2
  Advertising Router: 192.168.0.2
  LS Seq Number: 80000002
  Checksum: 0x64A6
  Length: 36
  Area Border Router
  Number of Links: 1

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.23.0.2
     (Link Data) Router Interface address: 10.23.0.2
      Number of MTID metrics: 0
       TOS 0 Metrics: 10

Now we know a segment and the DR on that segment, let’s look at the LSA generated by the DR, the Network LSA.

R4#show ip ospf database network 10.23.0.2

OSPF Router with ID (192.168.0.4) (Process ID 1)

Net Link States (Area 0)

Routing Bit Set on this LSA in topology Base with MTID 0
LS age: 701 (DoNotAge)
Options: (No TOS-capability, DC)
LS Type: Network Links
Link State ID: 10.23.0.2 (address of Designated Router)
Advertising Router: 192.168.0.2
LS Seq Number: 80000001
Checksum: 0xD4FE
Length: 32
Network Mask: /24
Attached Router: 192.168.0.2
Attached Router: 192.168.0.3

The link 10.23.0.0/24 is attached to router 192.168.0.3 so again, let’s look at the Router LSA.

R4#show ip ospf data router 192.168.0.3

            OSPF Router with ID (192.168.0.4) (Process ID 1)

                Router Link States (Area 0)

  Routing Bit Set on this LSA in topology Base with MTID 0
  LS age: 1 (DoNotAge)
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 192.168.0.3
  Advertising Router: 192.168.0.3
  LS Seq Number: 80000002
  Checksum: 0x3E12
  Length: 48
  Area Border Router
  Number of Links: 2

    Link connected to: a Virtual Link
     (Link ID) Neighboring Router ID: 192.168.0.4
     (Link Data) Router Interface address: 10.34.0.3
      Number of MTID metrics: 0
       TOS 0 Metrics: 10

    Link connected to: a Transit Network
     (Link ID) Designated Router address: 10.23.0.2
     (Link Data) Router Interface address: 10.23.0.3
      Number of MTID metrics: 0
       TOS 0 Metrics: 10

Inside the Router LSA we see that this is where our Virtual Link terminates. We can also see the link we use for that virtual link, 10.34.0.3. This link same link is in the R4 Router LSA, so we’ve just built the tree from R4 up to R1! 

 

TL;DR:

The OSPF Virtual Link doesn’t change forwarding. There is no encapsulation (that is, the packet on the wire is what was sent from the host, it’s never wrapped in another IP header). The Virtual Link allows two routers to send unicast OSPF Updates to one another containing information about Area 0. The other important note is that all LSAs received over the Virtual Link are flagged with the Do Not Age bit, so there is never a periodic refresh, like you will see with other LSAs. So don’t get overwhelmed with the complexity of Virtual Links, just remember they only change the way LSAs are exchanged, they do not change how traffic flows.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s