OSPF Routed Access Layer Design

Eildor Member Posts: 444
Scenario:

I'll do my best to explain this clearly... forgive me if it's confusing.

Collapsed core design.
2 x distribution layer switches.
25 access layer switches.
Routed access layer (access layer switches connect to both distribution layer switches via L3 links)

If I simply run OSPF there's going to be a lot of routes in the routing table of each switch... I guess about 50 P2P links and 25 networks.

Question:

How about I run a L3 link between the distribution layer switches in area 0, and then configure a separate area for each access layer switch... so SW1 gets area 1, SW2 area 2... SW25 area 25 and so on. Then I configure areas 1 - 25 as totally stubby areas so as to replace all routes on the access layer switches with a default route.

Is there anything wrong with doing this?

Comments

  • keenon Member Posts: 1,922
    Not that I can see, but if you have any QoS requirements coming then it will be fun. Are these switch stacks or single switches? If single switches then it could very well be a wasted effort unless there is some specific requirement you're trying to address.
    Become the stainless steel sharp knife in a drawer full of rusty spoons
  • Eildor Member Posts: 444
    keenon wrote: »
    Not that I can see, but if you have any QoS requirements coming then it will be fun. Are these switch stacks or single switches? If single switches then it could very well be a wasted effort unless there is some specific requirement you're trying to address.

    What would be a wasted effort? OSPF?
  • tech_user Member Posts: 5
    Not wrong but very complicated. Why don't you try to use 1 area and inject a default route?
  • f0rgiv3n Connection Overlord Member Posts: 598
    To me it seems like a lot of complexity. I'm going to answer your question with another question: You ask what could be wrong with it, but what are the benefits to adding that much complexity to something that could be quite a bit more simple?
  • Eildor Member Posts: 444
    tech_user wrote: »
    Not wrong but very complicated. Why don't you try to use 1 area and inject a default route?

    How would you suggest it be done then? I have to use OSPF though, that's the only thing.
  • Eildor Member Posts: 444
    tech_user wrote: »
    Not wrong but very complicated. Why don't you try to use 1 area and inject a default route?

    How am I going to inject just a default route?
  • networker050184 Mod Posts: 11,962
    I'd just put them all in one area. 25 networks is nothing for a router to run in a single area. If you want a default route just have your core routers generate one.
    An expert is a man who has made all the mistakes which can be made.
  • wes allen Member Posts: 540
    Eildor wrote: »
    I have to use OSPF though, that's the only thing.

    Why do you have to have OSPF or connect at L3? Why not just use vlans on your core switch and have it do all the routing?
  • tech_user Member Posts: 5
    If you make the area totally stub, the router/switch will generate a default route, or you can add a static default route and redistribute it into OSPF.
    !
    ip route 0.0.0.0 0.0.0.0 1.1.1.1
    router os 1
    redistribute static subnets
  • Eildor Member Posts: 444
    networker050184 wrote: »
    I'd just put them all in one area. 25 networks is nothing for a router to run in a single area. If you want a default route just have your core routers generate one.

    Originating a default route isn't going to make the routing table of the access layer switches any smaller though, is it? Or am I missing something.

    It just sounds a bit silly having all those L3 P2P routes being installed in the access layer switches' routing tables... or any routes for that matter since there's only one way out (through both the distribution layer switches).

    How many entries could say a 3750-X have in its routing table before it impacts performance? What's considered to be a lot of entries? 1000? 5000? 10000?
  • Eildor Member Posts: 444
    tech_user wrote: »
    If you make the area totally stub, the router/switch will generate a default route, or you can add a static default route and redistribute it into OSPF.
    !
    ip route 0.0.0.0 0.0.0.0 1.1.1.1
    router os 1
    redistribute static subnets

    Would a totally stubby area work in a single area 0?

    As for the default route redistribution that would still mean access layer switches would have entries for all L3 P2P links right?
  • networker050184 Mod Posts: 11,962
    Why does it need to be smaller? Sounds like you are trying to fix a problem that doesn't exist. Thousands of routes are not an issue. I'm not sure of any exact number.
  • Zartanasaurus Member Posts: 2,008
    If you want to make the area DB smaller, make the ospf network types on the access layer uplinks point-to-point. That will get rid of all the Type 2 LSAs in the DB and they aren't needed since they are P2P over ethernet anyway.
    Currently reading:
    IPSec VPN Design 44%
    Mastering VMWare vSphere 5 42.8%
  • Zartanasaurus Member Posts: 2,008
    tech_user wrote: »
    If you make the area totally stub, the router/switch will generate a default route, or you can add a static default route and redistribute it into OSPF.
    !
    ip route 0.0.0.0 0.0.0.0 1.1.1.1
    router os 1
    redistribute static subnets

    This doesn't work in OSPF.
  • Eildor Member Posts: 444
    networker050184 wrote: »
    Why does it need to be smaller? Sounds like you are trying to fix a problem that doesn't exist. Thousands of routes are not an issue. I'm not sure of any exact number.

    Phew that's a relief... because configuring the areas that way is a pain in the backside.
  • Eildor Member Posts: 444
    Zartanasaurus wrote: »
    If you want to make the area DB smaller, make the ospf network types on the access layer uplinks point-to-point. That will get rid of all the Type 2 LSAs in the DB and they aren't needed since they are P2P over ethernet anyway.

    I never thought about that, going to try it out for sure.
  • Zartanasaurus Member Posts: 2,008
    If your goal is to make the RIB and LSDB as small as possible:
    Make the uplinks point to point.
    Configure each access switch in its own totally stubby area.
    Configure the default gateway interfaces on the access switches as passive and turn on OSPF prefix-suppression.

    Each access layer switch will have only connected routes and a default route with a very small LSDB.
    The core routers won't have any of the transit links in their RIB, just the destination networks.

    Of course, it's already been stated that a router will be able to handle the amount of routes we're talking about with ease. I was under the impression this was for a university class and was more theoretical than practical.
    Currently reading:
    IPSec VPN Design 44%
    Mastering VMWare vSphere 5 42.8%
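
Added example, not part of any post in this thread: a Cisco IOS configuration for the three steps Zartanasaurus lists (point-to-point uplinks, one totally stubby area per access switch, passive gateway interfaces with prefix suppression). Interface names, addresses, VLAN 10, router IDs and the choice of area 1 are constructed for illustration, and support for `prefix-suppression` on the switch's IOS release is assumed.

```cisco
! --- Access switch SW1 (area 1); names and addresses are constructed ---
interface GigabitEthernet1/0/1
 description Uplink to DIST1
 no switchport
 ip address 10.255.1.1 255.255.255.252
 ip ospf network point-to-point
!
interface GigabitEthernet1/0/2
 description Uplink to DIST2
 no switchport
 ip address 10.255.1.5 255.255.255.252
 ip ospf network point-to-point
!
interface Vlan10
 description User default gateway
 ip address 10.1.10.1 255.255.255.0
!
router ospf 1
 router-id 10.0.0.1
 ! Transit /30s are left out of the LSAs; passive interfaces are still advertised
 prefix-suppression
 passive-interface Vlan10
 area 1 stub
 network 10.255.1.0 0.0.0.7 area 1
 network 10.1.10.0 0.0.0.255 area 1
!
! --- Distribution switch DIST1 (ABR between area 0 and area 1) ---
interface GigabitEthernet1/0/1
 description Downlink to SW1
 no switchport
 ip address 10.255.1.2 255.255.255.252
 ip ospf network point-to-point
!
interface TenGigabitEthernet1/1/1
 description L3 link to DIST2 (area 0)
 no switchport
 ip address 10.255.0.1 255.255.255.252
 ip ospf network point-to-point
!
router ospf 1
 router-id 10.0.0.101
 prefix-suppression
 ! no-summary on the ABR makes area 1 totally stubby: only a default goes in
 area 1 stub no-summary
 network 10.255.1.0 0.0.0.3 area 1
 network 10.255.0.0 0.0.0.3 area 0
```

For the single-area alternative suggested earlier in the thread, the distribution switches would instead carry `default-information originate` under `router ospf 1`, because IOS does not advertise 0.0.0.0/0 through `redistribute static`.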
  • Eildor Member Posts: 444
    Zartanasaurus wrote: »
    If your goal is to make the RIB and LSDB as small as possible:
    Make the uplinks point to point.
    Configure each access switch in its own totally stubby area.
    Configure the default gateway interfaces on the access switches as passive and turn on OSPF prefix-suppression.

    Each access layer switch will have only connected routes and a default route with a very small LSDB.
    Of course, it's already been stated that a router will be able to handle the amount of routes we're talking about with ease. I was under the impression this was for a university class and was more theoretical than practical.

    Yeah I think I'll just do as others have suggested and put everything in area 0... it is for a university project but I'm free to do whatever really. Having everything in area 0 is a lot simpler; I just wasn't sure whether having all those routes in the routing tables would be a good idea... but as you guys have said routers can handle a lot more than perhaps 50 routes or whatever.
  • Met44 Member Posts: 194
    It looks like you're already set with an answer, but you asked a few times if anyone had more definitive information about a recommended maximum number of OSPF routers per area. I was looking into something similar recently. Since you brought the topic up, maybe you or someone else here will find this interesting.

    In Moy's OSPF book, he says that in '91 the guideline was a maximum of 200 OSPF routers per area -- though some vendors suggested 50 or less. They don't share how they came up with those numbers, and if you google around you'll still see people giving the same answer 20 years later. Clearly, those answers are not up to date with current router hardware and software. In the FAQ section of Moy's book, written in 1998, he says most service provider routers have the capacity to import the then-current 45,000 Internet routes into OSPF. Cisco still has the best answer of "it depends", though that's not very satisfying:

    OSPF Design Guide - Cisco Systems

    There was a recent packet pushers podcast talking about this, at one point saying basically what networker said above, that thousands of routers per area isn't a problem (their context: service provider networks).

    Show 134 – OSPF Design Part 1 – Debunking the Multiple Area Myth

    So how many LSAs could a router really support? Moy's OSPF performance RFC has more useful information that I used as a basis for some number crunching.

    https://tools.ietf.org/html/rfc1245

    In the RFC Moy suggested that router memory was more likely to be a limiting factor than processing time or link bandwidth when determining the maximum number of LSAs for a router. He notes that in one OSPF implementation, a router with 2 MB of RAM could handle a maximum of 10,000 external LSAs (though that wasn't a recommendation).

    This is old information but it can be used to make a ballpark guess of the maximum number of LSAs for today's routers based on memory constraints. The above numbers were for external LSAs, but in Moy's OSPF reference implementation those are the least memory intensive LSAs in the LSDB. Router and network LSAs are larger, requiring about 25% more memory space than external LSAs in that implementation. Take a router/switch that has 256 MB RAM (like the 3750-X switch you mentioned). If you assume that 75% of that is needed for router services other than OSPF, leaving 64 MB free for OSPF, and that the Cisco implementation of OSPF requires about the same amount of memory to store an LSA as the above (plus the assumed ~25% extra for worst case router/network LSAs), then the memory-wise theoretical maximum number of LSAs would be on the order of 240,000. Even if you play it safe and use an order of magnitude less, that's still 20,000.

    The above would hold up if the following constraints also scaled linearly or better along with available RAM:

    * Available CPU processing power
    * Link bandwidth
    * OSPF processing requirements (i.e. the Dijkstra algorithm itself). (Memory requirements were already assumed above.)

    The SPF algorithm's computational complexity scales linearly with the number of LSAs for single-area OSPF, and better -- O(log(n)) -- for multi-area OSPF, so that requirement is met. The processing power and link bandwidth are router specific, but they have probably had increases that are comparable to the increased amount of memory. (And though bandwidth issues seem unlikely, they could be alleviated with DoNotAge.)

    This indicates to me that we should be aware of how easily current router hardware and software can handle seemingly strenuous tasks -- like an LSDB with tens of thousands of entries. We shouldn't be tempted to overdesign a network when the complexity of multi-area OSPF isn't warranted.
  • Eildor Member Posts: 444
    Wow... excellent post... cleared up a lot of my initial concerns. Thank you very much!