In large OSPF networks, a lot of space is wasted in the LSDB and routing tables because of prefixes on transit links. OSPF prefix suppression is a feature to get rid of these unnecessary prefixes. Let me give you a quick example to explain this:
Above we have three routers running OSPF. Behind R1 and R2, there are host devices. The only thing we care about in this topology is to have end-to-end connectivity between H1 and H2. If you look in the routing tables of R1 and R3, you will find this:
R1#show ip route ospf
O 192.168.3.0/24 [110/3] via 192.168.12.2, 00:00:02, GigabitEthernet0/1
O 192.168.23.0/24 [110/2] via 192.168.12.2, 00:00:02, GigabitEthernet0/1R3#show ip route ospf
O 192.168.1.0/24 [110/3] via 192.168.23.2, 00:00:23, GigabitEthernet0/1
O 192.168.12.0/24 [110/2] via 192.168.23.2, 00:00:23, GigabitEthernet0/1R1 has learned about 192.168.23.0/24 and R3 has learned 192.168.12.0/24. There are no host devices on these two networks so why do we care? There is no need for R1 to send packets to 192.168.23.0/24 or R3 to send anything to 192.168.12.0/24. The two prefixes are only used on transit links.
With OSPF prefix suppression, we can remove these prefixes of the routing table. By doing so, we will save some memory and CPU cycles without breaking network connectivity.
OSPF saves topology and addressing information in LSA type 1 and LSA type 2. We can filter some of this information to prevent them from being installed. This only suppresses the prefix information of the transit links, not the transit links themselves. We need to know the transit links otherwise OSPF is unable to calculate the shortest path tree.
Configuration
To demonstrate prefix suppression, I use the following topology:
In the topology above, each router has a loopback interface and our goal is to have end-to-end connectivity between the loopback interfaces. All routers are in area 0 and we have two transit links:
- 192.168.123.0/24
- 192.168.34.0/24
R1 and R2 will learn about 192.168.34.0/24 and R4 learns 192.168.123.0/24. Both prefixes are not necessary.
R1, R2, and R3 are on a multi-access segment, the connection between R3 and R4 is a point-to-point link so the correct OSPF network type has been configured.
- Configurations
- R1
- R2
- R3
- R4
Want to take a look for yourself? Here you will find the startup configuration of each device.
Prefix Suppression Disabled
Prefix suppression is disabled by default. Let’s look at the current routing tables:
R1#show ip route ospf
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/2] via 192.168.123.2, 00:04:03, GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.123.3, 00:04:13, GigabitEthernet0/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/3] via 192.168.123.3, 00:00:03, GigabitEthernet0/1
O 192.168.34.0/24 [110/2] via 192.168.123.3, 00:00:19, GigabitEthernet0/1R2#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/2] via 192.168.123.1, 00:09:08, GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.123.3, 00:09:18, GigabitEthernet0/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/3] via 192.168.123.3, 00:05:08, GigabitEthernet0/1
O 192.168.34.0/24 [110/2] via 192.168.123.3, 00:05:24, GigabitEthernet0/1Above we can see that R1 and R2 have 192.168.34.0/24 in their routing tables. Here’s R4:
R4#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/3] via 192.168.34.3, 00:01:06, GigabitEthernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/3] via 192.168.34.3, 00:01:06, GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.34.3, 00:01:06, GigabitEthernet0/1
O 192.168.123.0/24 [110/2] via 192.168.34.3, 00:01:06, GigabitEthernet0/1R4 has 192.168.123.0/24 in its routing table.
Router LSA
The first thing we are going to do is to get rid of the 192.168.34.0/24 prefix. Since this is a point-to-point link, there is no DR/BDR and it’s advertised directly in LSA type 1. There are four link types that you can find in LSA type 1:
- Point-to-point link to another router: this is a transit link that points to the router ID of your neighbor on the other end of the point-to-point link.
- Link to transit network: this is a transit link that points to the IP address of the DR of the transit link.
- Stub network: this contains the IP prefix that is used on a stub network or a prefix on a point-to-point link to another router.
- Virtual link: this is a virtual point-to-point link that points to the router ID of the router you establish a virtual link with.
The stub network link type has the prefix information so if we want to filter the prefix on the transit link, we have to filter the stub network information.
Let’s take a look at LSA type 1 of R3 and R4. Here’s R3:
R3#show ip ospf database router self-originate
OSPF Router with ID (3.3.3.3) (Process ID 1)
Router Link States (Area 0)
LS age: 120
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 3.3.3.3
Advertising Router: 3.3.3.3
LS Seq Number: 80000004
Checksum: 0xFFE0
Length: 72
Number of Links: 4
Link connected to: a Stub Network
(Link ID) Network/subnet number: 3.3.3.3
(Link Data) Network Mask: 255.255.255.255
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 4.4.4.4
(Link Data) Router Interface address: 192.168.34.3
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 192.168.34.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 192.168.123.3
(Link Data) Router Interface address: 192.168.123.3
Number of MTID metrics: 0
TOS 0 Metrics: 1Above you can see the prefix information of the stub network link type. You can find the same information on R4:
R4#show ip ospf database router self-originate
OSPF Router with ID (4.4.4.4) (Process ID 1)
Router Link States (Area 0)
LS age: 118
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 4.4.4.4
Advertising Router: 4.4.4.4
LS Seq Number: 80000002
Checksum: 0xEAB
Length: 60
Number of Links: 3
Link connected to: a Stub Network
(Link ID) Network/subnet number: 4.4.4.4
(Link Data) Network Mask: 255.255.255.255
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 3.3.3.3
(Link Data) Router Interface address: 192.168.34.4
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 192.168.34.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1Once we enable prefix suppression, the highlighted information above will disappear.
Network LSA
The 192.168.123.20/24 prefix that is used on the multi-access segment is not advertised in LSA type 1 but in LSA type 2 that the DR advertises. If we want to suppress this prefix, we have to make some changes to LSA type 2. In my topology, R3 is the DR. Here’s the network LSA:
R3#show ip ospf database network self-originate
OSPF Router with ID (3.3.3.3) (Process ID 1)
Net Link States (Area 0)
LS age: 595
Options: (No TOS-capability, DC)
LS Type: Network Links
Link State ID: 192.168.123.3 (address of Designated Router)
Advertising Router: 3.3.3.3
LS Seq Number: 80000001
Checksum: 0x4CDD
Length: 36
Network Mask: /24
Attached Router: 3.3.3.3
Attached Router: 1.1.1.1
Attached Router: 2.2.2.2Above we find the IP address of the DR and the network mask. The prefix isn’t advertised directly in LSA type 2 but with the IP address of the DR and the subnet mask, the router can calculate what prefix we are using (192.168.123.0/24).
Prefix Suppression Enabled
Let’s enable prefix suppression so we can see the difference. I enable this on all my routers:
R1,R2,R3 & R4
(config)#router ospf 1
(config-router)#prefix-suppressionThat’s all you have to do.
You can also enable prefix suppression on the interface level with the ip ospf prefix-suppression command.
Here is the result:
R1#show ip route ospf
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/2] via 192.168.123.2, 00:10:33, GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.123.3, 00:10:43, GigabitEthernet0/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/3] via 192.168.123.3, 00:06:33, GigabitEthernet0/1R2#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/2] via 192.168.123.1, 00:10:54, GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.123.3, 00:11:04, GigabitEthernet0/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/3] via 192.168.123.3, 00:06:54, GigabitEthernet0/1R4#show ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/3] via 192.168.34.3, 00:07:19, GigabitEthernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/3] via 192.168.34.3, 00:07:19, GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.34.3, 00:07:19, GigabitEthernet0/1This is pretty neat. As you can see, all prefixes on the transit links are now gone. We still have end-to-end connectivity between our loopback interfaces. For example:
R1#ping 4.4.4.4 source 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 6/6/8 msNow the big question remains, what has changed in the LSDB? Let’s find out…
Router LSA
Here is LSA type 1 on R3:
R3#show ip ospf database router self-originate
OSPF Router with ID (3.3.3.3) (Process ID 1)
Router Link States (Area 0)
LS age: 179
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 3.3.3.3
Advertising Router: 3.3.3.3
LS Seq Number: 80000005
Checksum: 0x8BF0
Length: 60
Number of Links: 3
Link connected to: a Stub Network
(Link ID) Network/subnet number: 3.3.3.3
(Link Data) Network Mask: 255.255.255.255
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 4.4.4.4
(Link Data) Router Interface address: 192.168.34.3
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 192.168.123.3
(Link Data) Router Interface address: 192.168.123.3
Number of MTID metrics: 0
TOS 0 Metrics: 1If you compare this output with the one I showed you before, you will see that the information about the stub network 192.168.34.0/24 has been removed here. The same thing happened on R4:
R4#show ip ospf database router self-originate
OSPF Router with ID (4.4.4.4) (Process ID 1)
Router Link States (Area 0)
LS age: 250
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 4.4.4.4
Advertising Router: 4.4.4.4
LS Seq Number: 80000003
Checksum: 0x7BD9
Length: 48
Number of Links: 2
Link connected to: a Stub Network
(Link ID) Network/subnet number: 4.4.4.4
(Link Data) Network Mask: 255.255.255.255
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 3.3.3.3
(Link Data) Router Interface address: 192.168.34.4
Number of MTID metrics: 0
TOS 0 Metrics: 1Above you won’t find anything about stub network 192.168.34.0/24 anymore.
Network LSA
Prefix 192.168.123.0/24 was also removed. Let’s take another look at the network LSA of R3:
R3#show ip ospf database network self-originate
OSPF Router with ID (3.3.3.3) (Process ID 1)
Net Link States (Area 0)
LS age: 724
Options: (No TOS-capability, DC)
LS Type: Network Links
Link State ID: 192.168.123.3 (address of Designated Router)
Advertising Router: 3.3.3.3
LS Seq Number: 80000002
Checksum: 0x4ADE
Length: 36
Network Mask: /32
Attached Router: 3.3.3.3
Attached Router: 1.1.1.1
Attached Router: 2.2.2.2Above we can still see the same information but there is one change. The network mask has changed from /24 to /32. A subnet mask of /32 on a multi-access network is impossible so when an OSPF router that supports prefix suppression sees this, it knows that this LSA doesn’t have any prefix information. A router that doesn’t support prefix suppression will install a /32 route in its routing table. This doesn’t cause any connectivity issues.
Conclusion
You have now learned how OSPF prefix suppression works and how it filters prefixes from transit links from its LSDB and thus the routing table. On point-to-point links, it does so by removing the stub network information from LSA type 1. On multi-access networks, it does so by changing the subnet mask to /32. If you want to learn more about prefix suppression, you can take a look at RFC 6860.
Unit 1: Introduction to OSPF
- Introduction to OSPF
- Basic OSPF Configuration
- OSPF Multi Area Configuration
- OSPF Reference Bandwidth
- OSPF Plain Text Authentication
- OSPF MD5 Authentication
- OSPF SHA-HMAC Authentication
- OSPF TTL Security Check
- OSPF Default Route
Unit 2: OSPF Neighbor Adjacency
- OSPF LSA Types
- OSPF LSAs and LSDB Flooding
- OSPF Hello and Dead Interval
- OSPF Router ID
- OSPF Packets and Neighbor Discovery
- OSPF DR/BDR Election
- OSPF Passive Interface
- Troubleshooting OSPF Neighbor Adjacency
Unit 3: OSPF Network Types
- OSPF Non-Broadcast Network Type
- OSPF Broadcast Network Type
- OSPF Point-to-Multipoint Network Type
- OSPF Point-to-Multipoint Non-Broadcast Network Type
- OSPF Point-to-Point Network Type
- OSPF Next Hop with Network Types
Unit 4: OSPF Stub Areas
- Introduction to OSPF Stub Areas
- How to configure OSPF Stub Area
- How to configure OSPF Totally Stub
- How to configure OSPF NSSA (Not So Stubby) Area
- How to configure OSPF Totally NSSA (Not So Stubby) Area
- OSPF NSSA P-bit explained
Unit 5: Advanced OSPF Topics
- OSPF Summarization
- OSPF Distribute-List Filtering
- OSPF LSA Type 3 Filtering
- OSPF LSA Type 5 Filtering
- OSPF Virtual Link
- OSPF Virtual Link Authentication
- OSPF Path Selection Explained
- How to read the OSPF Database
- OSPFv3 for IPv4
- Troubleshooting OSPF Route Advertisement
- OSPF SPF Scheduling and Throttling
- OSPF LSA Throttling
- OSPF Incremental SPF
- OSPF Prefix Suppression
- OSPF Stub Router
- OSPF Graceful Shutdown
- OSPF Graceful Restart
- OSPF Loop-Free Alternate (LFA) Fast Reroute (FRR)
- OSPF Remote Loop-Free Alternate (LFA) Fast Reroute (FRR)