Expert Reference Series of White Papers

OSPF Scaling and

Summarization

1-800-COURSES www.globalknowledge.com
OSPF Scaling and Summarization
Al Friebe, CCDA, CCDP, CCNA, CCNP, A+, CCSI

OSPF Scaling
Since bandwidth, RAM, and CPU cost money (and we, unfortunately, don’t have infinite money), there is a limit
to how large an OSPF autonomous system can grow before you run into problems.
1. Bandwidth: As the internetwork grows, there are more routers. With link-state protocols such as OSPF,
every router’s LSA (Link State Advertisement) is flooded throughout the internetwork. Obviously, the
more routers, the more LSAs must be flooded, which results in more LSU (Link State Update) packets,
consuming more bandwidth on the links.
2. RAM: As the LSAs are flooded, each router makes a copy of each LSA, which it keeps in its LSDB (Link
State Database). Therefore, the more routers, the larger will be each router’s LSDB, and a larger LSDB
requires more RAM to store it. Also, since there are a lot of prefixes, the resulting routing table will be
large, requiring even more RAM.
3. CPU: Every time a router’s LSDB changes, the router runs Dijkstra’s SPF algorithm to generate its revised
routing table. The larger the internetwork, the larger the LSDB, and the more frequently it’s likely to be
changing. Thus, each router is running SPF more often on a larger LSDB, consuming more CPU cycles.

There are two solutions to this scalability problem, you either limit OSPF to small internetworks (bad idea!) or
modify OSPF to enhance its scalability (good idea!). When using option 2 (called “multi-area OSPF”), we divide
the OSPF autonomous system into regions called areas. An example of a multi-area OSPF topology is shown in
Figure 1 below.

Figure 1.

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 2

Here’s how it works.

A router that lies completely within an area is called an internal router. Internal routers, such as R1, know the
entire topology for that specific area (in R1’s case it’s Area 1). Using SPF on its LSDB, R1 builds its routing table
by calculating the best path from itself to any prefix within Area 1. At this point, R1 knows the best route to all
prefixes within Area 1. Likewise, internal routers R3 and R5 calculate their routing tables for Area 0 and Area 2,
respectively.

A router that is attached to more than one area is called an Area Border Router (ABR), and it maintains an LSDB
for each area to which it is attached. R2, for example, is an ABR that connects Area 0 and Area 1. R2 runs SPF on
its Area 0 and Area 1 LSDBs, and the results go into its routing table. Thus, R2 knows the best path from itself to
all prefixes within Area 0 and Area 1. In addition, R2 now advertises the prefixes that lie within Area 0 into Area
1, and vice versa. Note that only the prefixes and their metrics are advertised, not the existence of individual
routers within an area. Likewise, R4, the ABR between Area 2 into Area 0, advertises prefixes between them.

For reasons of fault-tolerance, it’s possible that there could be two or more ABRs joining two areas. Since each
ABR advertises the cost for each prefix from its perspective, the routers in the area receiving the advertisements
can make optimal routing decisions about the prefixes that lie in the other area. At this point, all routers know
the best route to all prefixes within the areas to which they are attached, and to the prefixes within the adjacent
areas.

Furthermore, the Area 1 prefixes that R2 is sending into Area 0 are flooded over to R4, which then floods them
into Area 2. As a result, all routers in Area 2 know about the prefixes in Area 1. This happens in the opposite di-
rection, as well, and when the flooding has completed, all routers will know about all of the prefixes within the
entire OSPF autonomous system. Because it’s just the prefixes and their costs that are being advertised between
areas, and not detailed topology information, this requires less bandwidth, RAM and CPU than if it were all one
big OSPF area, with all routers knowing everything about the topology.

Let’s imagine that we’ve allocated the IP address space as follows.

• Area 0: 10.0.0.0/24 through 10.0.255.0/24 (256 subnets)
• Area 1: 10.1.0.0/24 through 10.1.255.0/24 (256 subnets)
• Area 2: 10.2.0.0/24 through 10.2.255.0/24 (256 subnets)

Our OSPF autonomous system contains a total of 768 subnets, and unless we prevent it, each subnet will be
known by every router. With a little configuration, however, we can do much better. As you can see, the subnets
within the areas fall into three blocks.
• Area 0: 10.0.0.0/16
• Area 1: 10.1.0.0/16
• Area 2: 10.2.0.0/16

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 3

What we can do is configure the ABRs (R2 and R4) so that instead of advertising each individual prefix from one
area to another, they will instead advertise summary blocks. For example, we will configure R2 to advertise the
10.1.0.0/16 block from Area 1 into Area 0, and likewise the 10.0.0.0/16 block from Area 0 to Area 1. Similarly,
we’ll have R4 advertise the 10.2.0.0/16 block from Area 2 into Area 0, and the 10.0.0.0/16 block from Area 0
into Area 2. What will be the result?

Each internal router (R1, R3, and R5) has the LSDB for its particular area and running SPF will send that area’s
prefixes into its routing table. Thus, for the prefixes within their respective areas, the internal routers see things
as follows.
• R1: 10.1.0.0/25 through 10.1.255.0/24 (the 256 subnets in Area 1)
• R3: 10.0.0.0/25 through 10.0.255.0/24 (the 256 subnets in Area 0)
• R5: 10.2.0.0/25 through 10.2.255.0/24 (the 256 subnets in Area 2)

Being an ABR, R2 will have the LSDB for both Area 2 and Area 0 and, therefore, will see 512 prefixes total for
those two areas. Likewise, R4, the ABR connecting Area 2 to Area 0, will also see 512 prefixes for those areas.

In addition, since the ABRs are advertising the blocks of subnets from one area to another, each router will see
one prefix for each area to which it is not directly connected. Therefore, the total numbers of prefixes known to
the routers will be:
• R1: 258 prefixes (256 for Area 1, summaries for Area 0 and Area 2)
• R2: 513 prefixes (256 for Area 1, 256 for Area 0, summary for Area 2)
• R3: 258 prefixes (256 for Area 0, summaries for Area 1 and Area 2)
• R4: 513 prefixes (256 for Area 2, 256 for Area 0, summary for Area 1)
• R5: 258 prefixes (256 for Area 2, summaries for Area 0 and Area 1)

In the case of the internal routers (R1, R3, and R5), the routing tables have gone from 768 to 258 entries, a
reduction of nearly two-thirds. In the case of the ABRs (R2 and R4), the number of routing tables has gone from
768 to 513, a reduction of nearly one-third. As you can imagine, as the total number of subnets goes up, the
savings that can be realized by using multiple areas becomes even greater.

Since OSPF area numbers are 32-bit variables, they can be represented in dotted-decimal format, which can
sometimes be convenient. For example, instead of numbering our areas 0, 1, and 2, we could make them Area
0.0.0.0, Area 10.1.0.0, and Area 10.2.0.0, deriving the area numbers from the IP address ranges within them.

What about Area 0, which contains the 10.0.0.0/16 block? Can we make that Area 10.0.0.0, then? No, because
there are some rules we must follow when it comes to multiple areas.
• If we have more than one area, one of them must be Area 0 (or Area 0.0.0.0, if you prefer).
• U
 nless special arrangements are made, the topology of an OSPF autonomous system must be a simple
hub-and-spoke, with Area 0 (the backbone) in the middle.
• We can’t run a link directly from Area 1 to Area 2, bypassing Area 0; OSPF won’t like that at all!

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 4

By default, all routers will know about the existence of all 768 subnets, but we can configure the ABRs to adver-
tise summary routes between areas with the OSPF area range command. Assuming that R2 is running OSPF
process ID 1, we’d tell R2 to summarize the “/16” block of routes within Area 1 into Area 0 like this.
• R2(config)#router ospf 1
• R2(config-router)# area 1 range 10.1.0.0 255.255.0.0

Likewise, we tell R2 to summarize the “/16” block of routes that lies within Area 0 into Area 1.
• R2(config-router)# area 0 range 10.0.0.0 255.255.0.0

Note: In each case, the area number specified is that of the area that contains the routes, not the area into
which the summary block is being advertised. Similarly, we can configure route summarization on R4 between
Area 2 and Area 0.
• R4(config-router)# area 2 range 10.2.0.0 255.255.0.0
• R4(config-router)# area 0 range 10.0.0.0 255.255.0.0

That’s it! We’ve just dramatically reduced the sizes of the routing tables on all routers in the OSPF autonomous
system.

Now, let’s say that for fault-tolerance, there are two ABRs joining a pair of areas. Refer to Figure 2, in which R6,
an additional ABR between Area 1 and Area 0, has been added.

Figure 2.

What happens if we configure R2 to summarize the routes from Area 1 into Area 0, but we don’t configure R6 to
do the same? Since R6 is advertising the individual subnets, the routers within Area 0 will know them, as well as
the summary route they learn from R2. Since a router prefers the longest match to a particular destination, the
traffic bound from Area 0 into Area 1 will flow via R6 (a “/24” beats a “/16”). Thus, to minimize the size of the
routing tables in the adjacent areas, we should configure the same summarizations on both R2 and R6. This will
also facilitate load-sharing between the ABRs for traffic traveling between the areas.

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 5

What about connections to the outside world? Refer to Figure 3, in which R5 has been made an ASBR (Autono-
mous System Boundary Router), connecting the OSPF autonomous system to a RIP routing domain.

Figure 3

To make R5 an ASBR, we would need to configure route redistribution from RIP into OSPF (redistribution is
a CCNP topic). Once that’s done, R5 will advertise the individual prefixes it learns via RIP into OSPF, and they
will be passed throughout Area 2, into Area 0, and also into Area 1. If we like, we can also configure route
summarization on the ASBR. Assuming that the RIP cloud contains subnets that fall within the address block of
172.16.0.0/16, we would configure the OSPF summary route like this.
• R5(config-router)#summary-address 172.16.0.0 255.255.0.0

The result would be that R5 will advertise the summary block 172.16.0.0.16 into Area 2, where it will be learned
by R4, which will advertise it into Area 0. The advertisement will flood across Area 0 and be learned by R2 and
R6, which will both advertise the summary route into Area 1. The result is that R5 (the ASBR) will know all of the
individual routes it learned via RIP, and all of the other routers in the OSPF autonomous system will know the
summary route for the external routing domain.

Summarization Options and their Effects

The goal of summarization is to conserve RAM, bandwidth and CPU by hiding information from some of the
routers. As long as these techniques are well understood before applying them, they can be a very useful tool
when dealing with OSPF.

Consider Figure 4, if there are 100 prefixes in the RIP cloud, and another 100 in the EIGRP cloud, each being
injected into the OSPF domain by the ASBRs, each OSPF router will be tracking over 200 individual prefixes, and
using RAM to store each in its LSDB and routing table. Also, a change to any external prefix will require adver-
tisement of the change to all OSPF routers, which consumes bandwidth. Finally, any change to a router’s LSDB

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 6

triggers Dijkstra’s SPF algorithm, which consumes CPU. For this reason, running such a large OSPF topology
“wide open” (without summarization) is not scalable.

Figure 4

Summary Address Command

Let’s start by using the OSPF summary-address command on R3, an ASBR. If we’re lucky (in other words, if
the addresses in the RIP cloud have been allocated correctly), we can summarize the prefixes in the RIP cloud
into one summary block. Assuming that’s the case, R3 will now be injecting only one Type-5 LSA into the OSPF
cloud.

One might wonder, “What OSPF cost will be assigned to the Type-5 LSA for the summary block?” There are two
options. One is to set the cost of the block equal to that of the lowest-cost prefix within the block, in accordance
with RFC 1583. This is the default method. The second option is to set the cost of the block equal to that of
the highest-cost prefix within the block, in accordance with RFC 2328. This is configured with the OSPF com-
mand no compatible rfc1583. In general, it probably doesn’t matter which method is used, but to prevent
sub-optimal routing, it should be consistent within the OSPF autonomous system. We’ll just go with the default
(compatible rfc1583).

If the EIGRP prefixes fall into a nice block, we can use the OSPF summary-address command on R4 to adver-
tise that block into OSPF. At this point, the best paths from R5’s perspective are:
• Subnet A via R3 (cost = 3)
• Subnet B via R3 (cost = 3)
• Subnet C via R4 (cost = 3)
• Subnet D via R4 (cost = 3)

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 7

 • RIP cloud via R3 (1 summary route at cost = 21)
• EIGRP cloud via R4 (1 summary route at cost = 21)

Note that we’ve saved RAM, bandwidth, and CPU within the OSPF cloud due to the reduction in Type-5 LSAs
being generated, advertised, and stored. We’ve also saved additional RAM due to the reduction in sizes of the
routing tables.

What if the prefixes that lie within the RIP or EIGRP clouds cannot be easily summarized (a situation which oc-
curs all too often in real life)? In that case, instead of one large summary block, we could configure the ASBRs
with multiple smaller summary blocks, by using multiple OSPF summary-address commands. The resulting
Type-5 LSAs would then flood through Area 0 and into Area 1, but this is better than having every router know
about each individual external prefix.

Stub Areas
From the figure below, we can see that R2, R3 and R5 are ABRs (connecting OSPF areas), and that R5 and R6
are ASBRs (connecting the OSPF autonomous system to other routing domains). Because they are not ABRs, R1,
R4, and R6 are referred to as internal routers. Also, because R2, R3, R4, and R5 have connections to Area 0 (the
OSPF backbone), they are backbone routers.

Note that a router can play several roles simultaneously, such as R5, which is a backbone router, an
ABR, and an ASBR. When assigning a router multiple functions, take care that you don’t run it out of
RAM and/or CPU.

Let’s assume that we have configured summarizations on the ABRs for routes being advertised from Area 1 and
Area 2 into Area 0, and on the ASBRs for routes being redistributed from RIP and EIGRP into OSPF. Notice that to
reach any external prefix, R5 must send the packet towards Area 0 is via R2 or R3.

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 8

 Figure 5

We can take advantage of this by configuring Area 1 as an OSPF “stub” area. To do this, we use the OSPF area
stub command on all routers connected to the area (including any ABRs). If we do, each ABR will inject a
default route into Area 1, and no Type-5 LSAs are injected. The effect will be that instead of advertising external
routes into Area 1, the ABRs will each advertise a default route. R1 will now know:
• All of the individual subnets within Area 1
• Summary routes via R2 and R3 for the other areas
• Default routes via R2 and R3 which allow it to reach the outside world.

Remember that the stub area flag is contained within OSPF hello packets, and it is an option on which neigh-
bors must agree, so it’s important that the stub feature be configured on all routers connected to the stub area.
In the case of Area 1, this would be R3 and R4 (the ABRs), as well as R5 (an internal router).

At this point, the best paths from R5’s perspective are:

• Subnet A via R3 (cost = 3)
• Subnet B via R3 (cost = 3)
• Subnet C via R4 (cost = 3)
• Subnet D via R4 (cost = 3)
• RIP and EIGRP clouds via defaults from R3 and R4 (cost = 1)

Since R5’s routing table now contains one default (with two next hops) instead of two summary routes, we’ve
just saved some more RAM on R5.

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 9

 Note that all four subnets can also be reached the “long way around” (for example, Subnet A via R4
at a cost of 4), but those paths would not be used if a lower-cost path exists. The best path to each
prefix within Area 0 will appear in R5’s IP routing table as an “O IA” (OSPF Inter-Area) route.

R1 will choose the lowest-cost paths between R2 and R3 to the other areas and the outside world, and load-
share between them in case of a tie. Since R5 is receiving the default route from both R3 and R4, if the metrics
are the same (which they would be unless we change them), R5 will load-share traffic for the RIP cloud between
R3 and R4. In other words, half of the packets bound for the RIP cloud will take the sub-optimal path via R4.
Likewise, since R5 will load-share packets for the EIGRP cloud, half of those packets would take the sub-optimal
path via R3.

So far, so good, but when it comes to conserving RAM, bandwidth and CPU on R1, we can do even better by
configuring Area 1 as totally stubby. R2 and R3 will now suppress the advertisements of inter-area routes
into Area 1, with the result that R1 will now know:
• All of the individual subnets within Area 1
• Default routes via R2 and R3 which allow it to reach everything beyond Area 1

Note that “totally-stubby” is a Cisco term, but other vendors’ routers may have a functionally-equiv-
alent mode.

What about Area 2? Can we make that a stub or totally-stubby area? No, because one of the rules for stub and
totally-stubby areas is that they cannot contain any ASBRs. We can, however, make Area 2 a Not-So-Stubby Area
(NSSA), which is a special type of stub area that’s allowed to contain ASBRs! The effect is that R5 (acting as an
ASBR) continues to redistribute the EIGRP external routes into Area 0, but R5 (also acting as an ABR for a NSSA)
advertises a default route into Area 2 in place of the external routes. Thus, R6 will know:
• All subnets that lie within Area 2
• The external prefixes that it’s learning via RIP
• Summary routes via R5 for the other areas
• A default route via R5 which allows it to reach the outside world.

We can also make Area 2 into what is variously referred to as Totally Not-So-Stubby or Not-So-Totally-Stubby (a
NSSA into which no inter-area routes are advertised), and at this point R6 will know:
• All subnets that lie within Area 2
• The external prefixes that it’s learning via RIP
• A default route via R5, which allows it to reach everything else

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 10

Having now configured summarizations into Area 0 from the outlying areas, Area 1 as totally-stubby, and Area
2 as totally-NSSA, we’ve done about the best that we can do with our example topology from a scalability
perspective.

The bottom line is that as a result of hiding information from R5, routing is no longer optimal. The possibility of
sub-optimal routing exists whenever summarization is used and there are multiple paths (and OSPF stub areas
are a type of summarization).

Let’s look at another example. Suppose that we now configure Area 1 as an OSPF totally-stubby area. This is
done by using the OSPF area stub command on the internal routers within that area (R5), and the OSPF area
stub no-summary command on the ABRs (R3 and R4). If we do, the Type-3 LSAs for subnets A, B, C and D will
not be advertised into Area 1, and the view from R5 will be:
• Everything outside of Area 1via defaults from R3 and R4 (cost = 1)

Obviously, this saves RAM, bandwidth, and CPU within Area 1, but these savings come at a cost. Since R5 no
longer knows the metrics to the subnets within Area 0, it will now load-share traffic headed for those prefixes
between R3 and R4. As with traffic headed from Area 1 to the RIP or EIGRP clouds, traffic from Area 1 for the
prefixes within Area 0 could take a sub-optimal route.

Summary
The bottom line is that the goal of summarization is to conserve RAM, bandwidth and CPU by hiding informa-
tion from some of the routers, but as a result of hiding information, routing may no longer be optimal. Note that
this is not just a characteristic of OSPF, it applies to any routing protocol when there are multiple paths available
and summarization is being used. That being said, summarization techniques are still tremendously useful, as
long as they’re not applied blindly.

Learn More
Learn more about how you can improve productivity, enhance efficiency, and sharpen your competitive edge.
Check out the following Global Knowledge courses:
ROUTE - Implementing Cisco IP Routing v1.0
ICND2 - Interconnecting Cisco Network Devices 2

For more information or to register, visit www.globalknowledge.com or call 1-800-COURSES to speak with a
sales representative.

Our courses and enhanced, hands-on labs and exercises offer practical skills and tips that you can immediately
put to use. Our expert instructors draw upon their experiences to help you understand key concepts and how to
apply them to your specific work situation. Choose from our more than 1,200 courses, delivered through Class-
rooms, e-Learning, and On-site sessions, to meet your IT and business training needs.

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 11

About the Author
Al Friebe (CCDA, CCDP, CCNA, CCNP, A+, CCSI) has taught networking classes since 1995. He previously served
as Global Knowledge’s Course Director for BGP and BSCI, and he is the author of our current ICND2 labs. His
previous experience includes instructor duty in the U.S. Navy’s Nuclear Power School, radio-chemistry, software
engineering, and network management.

Copyright ©2010 Global Knowledge Training LLC. All rights reserved. 12