What link-state means
Unlike distance-vector (RIP, EIGRP), where a neighbor just says "I reach prefix X with metric 5", link-state works differently:
- Each router describes only its own local links in an LSA (Link State Advertisement)
- Every LSA is flooded across the area without changes
- Each router builds an identical LSDB (Link State Database), the full map of the area
- Locally it runs SPF (Dijkstra) → the routing-table
The key point: everyone sees the same topology. No rumors passed through intermediate routers, no count-to-infinity loops.
Adjacency
OSPF hears neighbors over multicast 224.0.0.5 (ALL-OSPF-ROUTERS) on every enabled interface. Hello every 10s (Ethernet) or 30s (NBMA).
Neighbor states:
Down → Init → 2-Way → ExStart → Exchange → Loading → Full
- Down/Init the Hello has not arrived yet, or it is one-way
- 2-Way both see each other, but the LSDB exchange has not happened (on a broadcast network all non-DR neighbors stay in 2-Way)
- ExStart/Exchange/Loading the LSDB is synchronizing
- Full synchronization is complete and the adjacency is usable
In a working network all required neighbors must be Full (or 2-Way with a non-DR).
Use show ip ospf neighbor through cmd-vtysh.
Area
OSPF splits a large network into areas, isolated flooding domains.
- Area 0 is the backbone and is mandatory. Every other area attaches to area 0.
- Area N is non-backbone. It can be stub or totally-stubby to shrink the LSDB
- ABR (Area Border Router) sits between areas and summarizes routes
- ASBR (AS Boundary Router) redistributes to the outside world (BGP, static)
With fewer than about 50 routers a single Area 0 is enough. The hierarchy earns its keep at hundreds of nodes.
LSA types (simplified)
| Type | Name | What it describes |
|---|---|---|
| 1 | Router LSA | own links inside the area |
| 2 | Network LSA | broadcast segment (the DR generates it) |
| 3 | Summary LSA | prefix from a neighboring area (the ABR generates it) |
| 4 | ASBR Summary | how to reach the ASBR |
| 5 | External LSA | redistributed external prefixes |
| 7 | NSSA External | same as type-5 but inside an NSSA area |
show ip ospf database shows every LSA in the LSDB.
DR / BDR on broadcast networks
On an Ethernet segment with N routers you would have N×(N-1)/2 adjacencies. To avoid a flood storm OSPF elects a DR (Designated Router) and a BDR (Backup). Everyone else forms Full only with the DR and BDR.
- DR election: highest priority (default 1), tie-breaker is the Router ID
- On p2p links (such as a
/30) no DR is needed, there is only one neighbor anyway
A loopback with a high IP and priority 0 brings up OSPF faster and more predictably.
Minimal configuration (FRR)
router ospf
ospf router-id 1.1.1.1
network 10.0.0.0/30 area 0
network 192.168.10.0/24 area 0
What network does: on any interface whose IP falls into this
prefix, OSPF turns on (Hello is sent, the prefix is announced in
an LSA type 1).
Newer alternative, per-interface configuration:
interface eth0
ip ospf area 0
This is more precise. It does not depend on the interface's current IP.
Common pitfalls
- MTU mismatch between neighbors → stuck in
ExStart. Fix: matching MTU orip ospf mtu-ignore. - Hello/Dead intervals that differ → neighbors never see each other. OSPF requires an exact match of Hello and Dead.
- Auth mismatch (when MD5 or a key-chain is enabled) → silent drop.
- Subnet mask mismatch on a broadcast segment → no 2-Way.
- passive-interface forgotten on the interface toward clients → they receive your Hello (harmless, but noisy and potentially risky).
OSPF vs BGP in one network
- OSPF runs inside the AS, converges fast, and handles roughly 500 prefixes in one area without trouble
- BGP (bgp) runs between ASes or carries transit for a large number of prefixes
The classic design: OSPF carries router loopbacks (the next-hops), BGP carries client prefixes. This takes load off OSPF and leaves policy to BGP.