Monday, December 12, 2011

OSPF Packet Format

Below lists the 5 types of OSPF packets:

Message Type and Packet Type Purposes
Type-1 – Hello Discovers neighbors, negotiate capabilities, establishes and maintains adjacencies between neighbors.
Type-2 – Database Description (DBD) Elects the Master and Slave, determines the initial sequence number for database exchange, and summarizes the LSDB contents using LSA headers during the database exchange process between routers.
Type-3 – Link-State Request (LSR) Requests specific LS records (LSAs) that are seen during the database exchange process.
Type-4 – Link-State Update (LSU) Sends specifically requested LS records to a neighbor and sends triggered updates upon a topology change. LSU packets are also used in the flooding process.
Type-5 – Link-State Acknowledgment (LSAck) Acknowledges the receipt of LSU packets. A single LSAck packet can acknowledge multiple LSU packets.

OSPF packets are encapsulated directly into an IP payload without the use of TCP or UDP. OSPF packets are consisting of multiple encapsulations. The IP header encapsulates 1 of the 5 OSPF packet types – Hello, DBD, LSR, LSU, and LSAck. All types of OSPF packets begin with an OSPF packet header, which is same for all packet types. The OSPF packet data following the header varies according to the packet type. Each type of OSPF packet has a number of fields, followed by more data.

Most OSPF packets travel only a single hop between neighboring routers; the TTL field in the IP header is often set to 1 to ensure misconfigured routers not mistakenly forwarding OSPF packets. The exception for setting the TTL to 1 exists in certain OSPF hierarchical routing configurations.

The Destination IP address field in the IP header is the IP address of a neighbor or either one of the OSPF multicast IP addresses – AllSPFRouters ( and AllDRouters ( All OSPF routers must be prepared to receive IP packets destined to; while both the DR and BDR must be prepared to receive IP packets destined to
Note: The corresponding Ethernet MAC addresses for the AllSPFRouters and AllDRouters multicast IP addresses are 0100.5e00.0005 and 0100.5e00.0006 respectively.

OSPF Hello packets contain a list of known neighbors, while other types of OSPF packets contain a series of LSAs. These LSAs would also have their own specific types, headers, and data fields. Examples of LSAs are Router-LSAs, Network-LSAs, and Network-Summary-LSAs.

OSPF Hello packets are sent to the AllSPFRouters IP multicast address ( every 10 seconds for broadcast and point-to-point networks, and every 30 seconds for NBMA networks. The ip ospf hello-interval {sec} interface subcommand changes the interval of sending Hello packets out a particular router interface.

The OSPF Hello mechanism ensures neighboring routers can send and receive packets among them (bidirectional link) in order to prevent routing problems that caused by unidirectional links.

OSPF requires a reliable transmission mechanism. Since TCP is not used, it uses its own acknowledgment packets (OSPF packet Type-5) for acknowledging the receipt of OSPF packets.

OSPF Packet Format

Below lists the fields in the OSPF header:

Field Description
Version The values of 2 and 3 indicate OSPF versions 2 and 3 respectively.
Type Differentiates the 5 types of OSPF packets.
Packet Length The length of an OSPF packet, including LSA header and contents, in bytes.
Router ID Uniquely identifies the source or originating OSPF router of an OSPF packet. It is not necessary to be reachable or exist in the routing table.
Area ID Identifies the area from which an OSPF packet is originated and allows the receiving router to associate the packet to the proper level of OSPF hierarchy and ensure that OSPF hierarchy is configured consistently. The neighboring router interfaces must reside on the same subnet and area to form adjacencies. The Area ID for an OSPF packet sent over a virtual link is (the backbone’s Area ID), as virtual links are considered part of the backbone.
Checksum Specifies a standard IP checksum of the entire packet including the header.
Authentication Type The values of 0, 1, and 2 indicate Null (no authentication), Simple Password (plain text), and Message Digest 5 (MD5) Cryptographic Checksum OSPF router authentication methods respectively.
Key ID Identifies the authentication algorithm and the secret key used to create the message digest.
Authentication Data Length Specifies the length of message digest appended to an OSPF packet, in bytes. The message digest is not considered part of the OSPF packet.
Cryptographic Sequence Num Specifies a non-decreasing number used to prevent replay attacks.

1 comment: