Networking Deep Dive
by Sergey Okinchuk
Static vs Dynamic RoutingBGP and the Internet's Routing Fabric
Interior Routing — OSPF
Topic 21

Interior Routing — OSPF

OSPF

OSPF (Open Shortest Path First) is the interior gateway protocol most organizations actually run. It is a link-state protocol: every router describes its own directly-attached links, floods that description to every other router in the area, and from the flood each router assembles an identical map of the whole topology. Then each router independently runs Dijkstra's shortest-path-first algorithm over that map to compute its own best path to every destination.

Because every router shares one consistent map, OSPF converges fast — sub-second on a well-built network — and is structurally immune to the counting-to-infinity loops that plague rumor-based protocols. It scales comfortably across a single organization's network. What it does not do is scale to the internet: flooding every router's link state to everyone is fine for thousands of links and impossible for the millions of prefixes BGP carries.

How OSPF turns local link facts into shortest paths
describe
own links
flood
LSAs
identical
LSDB
run
Dijkstra

Link-State versus Distance-Vector

The dividing line in interior routing is what each router knows. A distance-vector protocol (RIP, EIGRP) knows only what its neighbors tell it — "I can reach network X at cost N" — and never sees the topology itself. It routes on hearsay, which is simple but slow to converge and historically prone to loops, because a router can believe a stale rumor long after the underlying link failed.

A link-state protocol gives every router the full map. Instead of trusting a neighbor's summary, each router learns the raw link facts from everyone and computes paths itself. The result converges faster and cannot loop the way distance-vector can, because no router is acting on a second-hand summary it cannot verify. The price is memory and CPU: holding the whole map and recomputing Dijkstra on every change costs more than tallying a few neighbor reports.

LSAs and the Link-State Database

The unit OSPF floods is the LSA (Link-State Advertisement): a small record describing one router's links, their neighbors, and their costs. When anything changes — a link goes up or down — the affected router originates a fresh LSA and floods it reliably to every router in the area. Each router stores every LSA it receives in its link-state database (LSDB), and OSPF's core guarantee is that every router in an area holds an identical LSDB.

That identical database is the whole trick. Routers first form adjacencies with neighbors, synchronize their databases, and only then compute routes — so two routers that fail to fully synchronize never become adjacent and never exchange routes. A subtle but common cause of a stuck adjacency is an MTU mismatch: the database-description packets are sized to the interface MTU, and if the two ends disagree, the larger packet is dropped and the adjacency hangs in EXSTART forever.

# inspect OSPF neighbors and the synchronized database (FRR / Quagga)
show ip ospf neighbor
# Neighbor ID   State    Interface     <- FULL = synced; EXSTART = MTU mismatch
# 10.0.0.2      Full     eth0
# 10.0.0.3      ExStart  eth1          <- stuck: check MTU on both ends

show ip ospf database
# the LSDB — identical on every router in the area, by design

Dijkstra and Cost

With an identical map in hand, each router runs Dijkstra's shortest-path-first algorithm to find the lowest-total-cost path to every destination. The metric OSPF minimizes is cost, an integer assigned per link and typically derived from bandwidth — a faster link gets a lower cost, so Dijkstra naturally prefers it. The path with the smallest summed cost wins; hop count never enters the calculation.

Because cost drives everything, a single mis-assigned cost quietly bends traffic the wrong way. Default cost is computed from a reference bandwidth, and on modern networks every link faster than that reference collapses to the same minimum cost unless you raise the reference — so a 10 Gbps and a 1 Gbps link can look equal to Dijkstra, and traffic takes the slower one half the time. Setting cost deliberately, rather than trusting the defaults, is how you control OSPF path selection.

Areas

Flooding has a natural ceiling: every change ripples to every router, so a large flat OSPF domain spends more and more on flooding and recomputation as it grows. OSPF's answer is areas — partitions that bound the flood. LSAs flood only within their area; the backbone area 0 ties the areas together, and routes between areas are summarized rather than flooded in full detail.

Areas turn one giant link-state database into several smaller ones, so a flapping link in one area never forces a full SPF recomputation across the entire network. This is what lets OSPF scale within an organization — but it is also why one undisciplined area-0-only design eventually buckles: with no segmentation, every router holds every LSA and recomputes on every change anywhere.

OSPF vs RIP vs IS-IS

OSPF is link-state: full map, Dijkstra, sub-second convergence, and areas for scale. It is the default interior gateway protocol for most enterprises. RIP is the old distance-vector protocol — hop-count metric capped at 15, slow convergence, loop-prone — kept alive only in tiny or legacy networks where its simplicity still pays.

IS-IS is link-state like OSPF and computes paths the same way, but it is favored by large ISPs for its cleaner scaling and protocol-independence (it runs directly on layer 2, not over IP). Choose OSPF inside a typical enterprise; reach for IS-IS in very large carrier cores where its scaling properties matter.

Common Mistakes
  • Running one giant area 0 with no segmentation. Every router holds every LSA and recomputes SPF on every change anywhere, so flooding and CPU load climb until a single flap destabilizes the whole domain.
  • An MTU mismatch between two interfaces. The adjacency never reaches FULL — it hangs in EXSTART because the oversized database-description packet is silently dropped — and the two routers exchange no routes despite looking connected.
  • Leaving the cost reference bandwidth at its low default. Every link above the reference collapses to the same minimum cost, so a 10 Gbps and a 1 Gbps path look identical to Dijkstra and traffic takes the slow one.
  • Expecting OSPF to scale to internet size. Flooding every link's state to every router works for thousands of links and falls apart at the millions of prefixes the global table holds — that is BGP's job, not OSPF's.
  • Mismatched hello/dead timers or area IDs on a link. The two routers never form an adjacency at all, so the link carries no OSPF routes even though it is physically up and passing other traffic.
Best Practices
  • Partition any growing OSPF network into areas around a backbone area 0, so flooding and SPF recomputation stay bounded to one area instead of rippling across the whole domain on every change.
  • Match the MTU on both ends of every OSPF link, because a mismatch leaves the adjacency stuck in EXSTART and silently exchanging no routes — verify it before suspecting anything else.
  • Raise the cost reference bandwidth to match your fastest links so Dijkstra can distinguish a 10 Gbps path from a 1 Gbps one, instead of treating both as the same minimum cost.
  • Set link costs deliberately to steer traffic onto the paths you intend, rather than trusting bandwidth-derived defaults that may not reflect your real preferences.
  • Keep OSPF interior and hand inter-organization routing to BGP, since link-state flooding does not scale past a single administrative domain.
Comparable conceptsIS-IS (ISP interior alternative)EIGRP (Cisco hybrid)

Knowledge Check

What fundamentally distinguishes a link-state protocol like OSPF from a distance-vector protocol like RIP?

  • Each router builds the full topology map from flooded link state and computes paths itself
  • OSPF routes purely on hop count while RIP minimizes total link cost
  • Link-state uses far less router memory and CPU than distance-vector does on the same topology
  • Distance-vector routers see the whole topology; link-state routers see only neighbors

Two OSPF routers on a link stay stuck in the EXSTART state and never reach FULL. What is the classic cause?

  • An MTU mismatch, which drops the oversized database-description packets
  • Different OSPF cost values configured on each of the two adjacent interfaces
  • Too many LSAs flooding across the area 0 backbone boundary
  • Dijkstra taking too long to converge on the shared map

Why does OSPF use areas instead of running everything in one flat domain?

  • Areas bound LSA flooding and SPF recomputation so one change doesn't ripple everywhere
  • Areas let OSPF compute strictly shorter end-to-end paths than a single flat domain ever could
  • Areas allow OSPF to scale to the internet's full routing table
  • Areas encrypt the routing traffic exchanged between separate sites

You got correct