OSPF: Open Shortest Path First
The most widely used interior gateway protocol for routing within enterprise networks and service provider infrastructures. OSPF builds a complete map of the network topology and uses Dijkstra's algorithm to calculate the shortest path to every destination.
Type
Link-State IGP
Protocol Number
89
Algorithm
Dijkstra SPF
Standard
RFC 2328 (OSPFv2)
What is OSPF?
OSPF (Open Shortest Path First) is the most widely used interior gateway protocol (IGP) for routing IP packets within a single organization or autonomous system (AS). Unlike distance-vector protocols such as RIP that rely on hop counts and neighbor advertisements, OSPF is a link-state protocol. Every router running OSPF builds a complete topological map of the network and independently calculates the shortest path to every reachable destination using Dijkstra's algorithm.
The current version, OSPFv2, is defined in RFC 2328 (1998) and remains the standard for IPv4 routing in enterprise and service provider networks. OSPFv3 (RFC 5340) extends the protocol to support IPv6 addressing, and later updates allow OSPFv3 to carry both IPv4 and IPv6 routes simultaneously using address families.
OSPF operates directly over IP using protocol number 89. It does not rely on TCP or UDP for transport. Instead, OSPF defines its own reliable flooding mechanism to distribute routing information across the network. This design gives OSPF tight control over how quickly topology changes propagate, enabling significantly faster convergence than distance-vector alternatives like RIP.
Routers discover neighbors by exchanging Hello packets on each OSPF-enabled interface. Once adjacencies are formed, routers exchange Link State Advertisements (LSAs) describing their directly connected links. Each router stores these LSAs in a Link State Database (LSDB), which represents the full network topology. When a link fails or a new link comes up, only the affected LSA is flooded, and each router independently recalculates its routing table.
OSPF Areas
As networks grow, maintaining a single flat OSPF topology becomes impractical. Every router would need to store LSAs for every link in the entire network, and every topology change would trigger SPF recalculation on every router. OSPF solves this scalability problem by dividing the network into areas.
Area 0 (the backbone area) is the core of every OSPF deployment. All other areas must connect to Area 0, either directly or through a virtual link. This hierarchical design limits the scope of LSA flooding and SPF recalculations to individual areas while still allowing full reachability across the entire OSPF domain.
Area Border Routers (ABRs) sit at the boundary between areas. They maintain separate LSDBs for each area they belong to and generate summary LSAs to advertise routes from one area into another. AS Boundary Routers (ASBRs) connect the OSPF domain to external routing domains, such as BGP, and inject external routes into OSPF.
OSPF defines several area types that control which LSAs are permitted within the area. Restricting LSA types reduces the size of the LSDB and the computational load on routers inside the area.
| Area Type | External Routes | Summary Routes | Use Case |
|---|---|---|---|
| Normal | Yes | Yes | Standard area with full routing information |
| Stub | No (default route) | Yes | Reduce LSDB size by filtering external routes |
| Totally Stubby | No | No (default route) | Minimal LSDB for simple branch offices |
| NSSA | Type 7 LSAs | Yes | Allow limited external routes without full externals |
OSPF LSA Types
Link State Advertisements (LSAs) are the fundamental units of information that OSPF routers exchange. Each LSA describes a specific piece of the network topology, and together the LSAs in a router's LSDB form the complete map from which shortest paths are calculated. Understanding LSA types is essential for troubleshooting OSPF and designing efficient area boundaries.
Type 1: Router LSA
Every OSPF router generates a Type 1 LSA that describes all of its interfaces, their IP addresses, costs, and the state of each link. Router LSAs are flooded only within the originating area. They form the foundation of the LSDB and contain the information needed to build the SPF tree within an area.
Type 2: Network LSA
On multi-access networks such as Ethernet segments, the Designated Router (DR) generates a Type 2 LSA. This LSA lists all routers attached to that network segment, reducing the number of adjacencies and LSAs needed to describe the shared medium. Type 2 LSAs remain within the area.
Type 3: Summary LSA
ABRs generate Type 3 LSAs to advertise routes from one area into another. When a router in Area 1 needs to reach a network in Area 2, it follows the Type 3 summary LSA generated by the ABR connecting those areas. These LSAs carry the destination prefix and its cost but do not expose the detailed topology of the originating area.
Type 4: ASBR Summary LSA
ABRs also generate Type 4 LSAs to tell routers in other areas how to reach an ASBR. Without this LSA, routers outside the ASBR's area would have no way to forward traffic toward externally learned routes. The Type 4 LSA carries the router ID of the ASBR and the cost to reach it.
Type 5: External LSA
ASBRs generate Type 5 LSAs to advertise routes learned from outside the OSPF domain. These routes might come from BGP, static routes, or other routing protocols. Type 5 LSAs are flooded throughout the entire OSPF domain (except into stub and totally stubby areas).
Type 7: NSSA External LSA
In Not-So-Stubby Areas (NSSAs), external routes cannot be carried as Type 5 LSAs. Instead, ASBRs within an NSSA generate Type 7 LSAs. When these LSAs reach the ABR at the NSSA boundary, the ABR converts them to Type 5 LSAs for flooding into the rest of the OSPF domain.
The SPF Algorithm
At the heart of OSPF is Dijkstra's Shortest Path First (SPF) algorithm. Each router runs SPF independently against its own LSDB to build a loop-free shortest path tree (SPT) with itself as the root. The result is a routing table containing the best (lowest-cost) path to every known destination.
The algorithm works in stages. First, the router places itself at the root of the tree and examines all directly connected links from its own Type 1 LSA. It adds these neighbors to a candidate list, sorted by cumulative cost. The candidate with the lowest cost is moved to the SPT, and its links are examined in turn. This process repeats until every reachable router and network has been placed on the tree.
SPF recalculation is triggered whenever a router detects a topology change, such as a link going down or a new neighbor appearing. Because OSPF floods only the affected LSA rather than the entire routing table, convergence is fast. Most modern implementations also use SPF throttling (configurable timers) to prevent excessive recalculations during periods of network instability, sometimes called "SPF storms."
Within an area, the SPF tree gives exact hop-by-hop forwarding paths. For inter-area destinations, routers follow Type 3 summary LSAs to the appropriate ABR, which in turn forwards traffic into the destination area. External destinations follow Type 5 (or Type 7) LSAs to the appropriate ASBR.
DR and BDR Election
On multi-access networks such as Ethernet, OSPF elects a Designated Router (DR) and a Backup Designated Router (BDR) to reduce the number of adjacencies and the volume of LSA flooding. Without a DR, every router on the segment would need to form a full adjacency with every other router, resulting in n*(n-1)/2 adjacencies. With a DR, each router forms an adjacency only with the DR and BDR, dramatically simplifying the topology.
The election process occurs during the 2-Way neighbor state. Each router advertises its OSPF priority (a configurable value from 0 to 255) in its Hello packets. The router with the highest priority becomes the DR, and the second highest becomes the BDR. If priorities are equal, the router with the highest router ID wins. Setting a router's priority to 0 prevents it from being elected as DR or BDR.
The DR is responsible for generating the Type 2 (Network) LSA for the segment, which lists all attached routers. The BDR monitors the DR and takes over immediately if the DR fails, avoiding a full re-election. This design ensures fast failover on multi-access segments. On point-to-point links, no DR/BDR election takes place because there are only two routers.
OSPF Neighbor States
OSPF routers go through a well-defined sequence of states as they discover neighbors and synchronize their LSDBs. Understanding these states is critical for troubleshooting adjacency problems.
| State | Description |
|---|---|
| Down | No Hello packets have been received from this neighbor |
| Init | A Hello packet has been received, but two-way communication is not yet confirmed |
| 2-Way | Bidirectional communication confirmed. DR/BDR election occurs at this stage |
| ExStart | Master/slave relationship negotiated for database exchange |
| Exchange | Database Description (DBD) packets exchanged to summarize LSDB contents |
| Loading | LSA requests sent and responses received for any missing or outdated LSAs |
| Full | LSDBs fully synchronized. The adjacency is complete and operational |
On multi-access networks, routers that are neither the DR nor the BDR will remain in the 2-Way state with each other. Full adjacency is formed only with the DR and BDR. On point-to-point links, both routers proceed all the way to the Full state.
OSPF Cost and Metric
OSPF uses costas its sole routing metric. The cost of an interface is calculated by dividing a reference bandwidth by the interface's actual bandwidth. The default reference bandwidth is 100 Mbps, which gives the following costs:
| Interface Speed | Cost (default reference) |
|---|---|
| 10 Mbps (Ethernet) | 10 |
| 100 Mbps (Fast Ethernet) | 1 |
| 1 Gbps (Gigabit Ethernet) | 1 |
| 10 Gbps | 1 |
Notice that with the default reference bandwidth of 100 Mbps, any link faster than 100 Mbps receives a cost of 1. This means OSPF cannot distinguish between a 1 Gbps link and a 10 Gbps link. In modern networks, administrators should increase the reference bandwidth (for example, to 10 Gbps or 100 Gbps) so that OSPF can make intelligent path choices across high-speed links.
The total cost of a route is the sum of the costs of all outbound interfaces along the path. When multiple paths exist to the same destination, OSPF installs the path with the lowest total cost. If multiple paths have equal cost, OSPF performs equal-cost multi-path (ECMP) load balancing, distributing traffic across all of them.
OSPF vs Other Routing Protocols
Choosing the right routing protocol depends on network size, requirements, and vendor environment. Here is how OSPF compares to other major routing protocols.
| Feature | OSPF | BGP | EIGRP | RIP |
|---|---|---|---|---|
| Type | Link-state IGP | Path vector EGP | Distance vector IGP | Distance vector IGP |
| Algorithm | Dijkstra SPF | Best path selection | DUAL | Bellman-Ford |
| Metric | Cost (bandwidth) | Path attributes | Composite (bandwidth, delay) | Hop count |
| Convergence | Fast | Slow (by design) | Very fast | Slow |
| Scalability | Areas (hundreds of routers) | Internet-scale | Medium | Small networks |
| Standard | Open (RFC 2328) | Open (RFC 4271) | Cisco proprietary (now open) | Open (RFC 2453) |
| Use Case | Enterprise internal | ISP / internet | Cisco enterprise | Legacy / small |
OSPF and BGP are often deployed together. OSPF handles internal routing within the AS, while BGP manages routing between autonomous systems and across the internet. EIGRP offers faster convergence than OSPF in some scenarios but was historically limited to Cisco devices. RIP is largely considered a legacy protocol, still found in small or older networks.
Common Use Cases
- Enterprise campus networks: OSPF is the standard IGP for connecting buildings, floors, and data centers within a corporate campus
- Data center underlay routing: spine-leaf architectures frequently use OSPF (or IS-IS) as the underlay routing protocol beneath VXLAN or other overlay technologies
- ISP internal routing: service providers use OSPF to route traffic within their autonomous system, often alongside BGP for external peering
- Government and military networks:OSPF's open standard status and vendor-neutral design make it a common choice for regulated environments
- Large-scale WiFi networks: campus and metropolitan WiFi deployments use OSPF to manage routing across hundreds of access points and distribution switches
- MPLS backbone IGP: OSPF provides the IGP foundation for MPLS label distribution in carrier networks, working with LDP or RSVP-TE for label-switched path setup
Frequently Asked Questions About OSPF
What is the difference between OSPF and BGP?
OSPF is an interior gateway protocol (IGP) designed for routing within a single autonomous system. It uses link-state information and Dijkstra's algorithm to find the shortest path. BGP is an exterior gateway protocol (EGP) that routes between autonomous systems across the internet. BGP uses path attributes and policy-based selection rather than a simple shortest-path calculation. In most networks, OSPF and BGP work together: OSPF handles internal routing while BGP handles external connectivity.
Why does OSPF need Area 0?
Area 0 (the backbone) acts as the transit area for all inter-area traffic. By requiring all areas to connect to Area 0, OSPF enforces a two-level hierarchy that prevents routing loops. Without this rule, summary routes could circulate between non-backbone areas, creating inconsistent routing tables. If a physical connection to Area 0 is not possible, a virtual link through another area can provide the required connectivity.
What is a Designated Router (DR)?
A Designated Router is elected on multi-access network segments (like Ethernet) to reduce the number of OSPF adjacencies. Instead of every router forming a full adjacency with every other router, all routers on the segment form adjacencies only with the DR and BDR. The DR generates Type 2 (Network) LSAs on behalf of the segment and acts as the central point for LSA exchange.
How fast does OSPF converge?
OSPF convergence depends on several factors: Hello and Dead timer intervals, SPF throttle timers, and the size of the area. With default timers (10-second Hello, 40-second Dead on broadcast networks), convergence after a failure typically takes 30 to 50 seconds. With tuned timers and features like Bidirectional Forwarding Detection (BFD), convergence can be reduced to under one second.
Can OSPF run over IPv6?
Yes. OSPFv3 (RFC 5340) was originally designed for IPv6 routing. It operates directly over IPv6 link-local addresses and uses different multicast addresses than OSPFv2. Later extensions (RFC 5838) added address family support to OSPFv3, allowing it to carry both IPv4 and IPv6 routes within a single protocol instance.
What is the difference between OSPF and EIGRP?
OSPF is an open-standard link-state protocol that builds a full topology map and runs Dijkstra's algorithm. EIGRP is a distance-vector protocol (sometimes called an advanced distance vector) that uses the DUAL algorithm and tracks only the best path and feasible successors. EIGRP converges slightly faster in some scenarios and uses a composite metric (bandwidth, delay, load, reliability), while OSPF uses cost based solely on bandwidth. EIGRP was originally Cisco proprietary but is now documented in RFC 7868 as an informational standard.
Related Protocols
- BGP: the exterior gateway protocol for routing between autonomous systems across the internet
- TCP: the reliable transport protocol that carries application data across IP networks
- ICMP: the diagnostic and error reporting protocol used by tools like ping and traceroute
- NAT: network address translation for mapping private addresses to public addresses