60% Black Friday discount for the Courses and All-Access Pass Subscription until 30th November!

00
Days
:
19
Hours
:
52
Minutes
:
38
Seconds
Get Offer

Enhance Your IT Skills with OrhanErgun.net Online Training in Networking, Security, and Cloud Technologies.

Follow us
OSPF Prefix Suppression helps company to use 200 routers!

OSPF Prefix Suppression helps company to use 200 routers!

OSPF Prefix Suppression helps to company to use 200 routers in their network without any problem. You can think that, some companies use more than 200 routers in their OSPF network, why this post is special? You will understand why in 10 minutes.  

Yes that is true but those companies have either multi-area OSPF design or multiple process to separate the flooding domains. Lets have a quick look at OSPF Prefix Suppression then I will tell you special about this company. OSPF Prefix suppression is an IETF Standard. RFC 6860 explains the details of the Prefix Suppression feature.  

Basically it is a method for hiding Transit-Only Networks in OSPF.  

A transit-only network is defined as a network connecting routers only. In OSPF, transit-only networks are usually configured with routable IP addresses, which are advertised in Link State Advertisements (LSAs) but are not needed for data traffic. In addition, remote attacks can be launched against routers by sending packets to these transit-only networks.  

By hiding transit-only networks, network convergence time and vulnerability to remote attacks can be reduced.
‘Hiding’ implies that the prefixes are not installed in the routing tables on OSPF routers. Cleaner routing table, less amount of prefixes, that’s why, in case of failure, troubleshooting will be much easier. The company which I mention in this post is a fixed DSL provider, has approximately a million DSL customers. 2000 DSLAM, 750 DSLAM POPs, 200 IP Routers, 50 BNG.

I will not explain the access network of this company in this post, but just will mention from the OSPF network setup. Interestingly, they don’t have an MPLS in the network.

They don’t provide MPLS VPN service currently. Their OSPF is a flat design, meaning all the 200 routers in a backbone area. OSPF Prefix Suppression is enabled as you can understand from the title. They just advertise the /32s of the loopback interfaces for the BGP neighborship.

Since they don’t have an MPLS on their network as I said above, they are running BGP everywhere on their network.  They have an Access , Aggregation and Core POPs. So three tier of hierarchy.   It is common to have an hierarchical network setup in the optical layer as It is common to have hierarchy in IP layer.  They don’t have any problem with the current OSPF network setup.   

In fact, there is a plan to enable MPLS with LDP and RSVP on their network.   There is a project to enable MPLS Traffic Engineering and MPLS Traffic Engineering Fast Reroute on their network, and having a flat OSPF network design will be an advantage for them, since they won’t need to deal with Inter-area MPLS Traffic Engineering.

So, OSPF Prefix Suppression is used in real life deployment with 200 routers, and when next time you read from somewhere that, don’t place 40 – 50 routers in OSPF area, remember this post.

Author:

Orhan Ergun
Orhan Ergun CCIE/CCDE Trainer, Author of Many Networking Books, Network Design Advisor, and Cisco Champion 2019/2020/2021

He created OrhanErgun.Net 10 years ago and has been serving the IT industry with his renowned and awarded training.

Wrote many books, mostly on Network Design, joined many IETF RFCs, gave Public talks at many Forums, and mentored thousands of his students.  

Today, with his carefully selected instructors, OrhanErgun.Net is providing IT courses to tens of thousands of IT engineers.