OSPF Design Best Practices for Enterprise Networks

Area Design Best Practices

1. Keep Area 0 Stable and Redundant

Area 0 is critical. Design with:

• ✅ Redundant routers
• ✅ Redundant links
• ✅ High-capacity equipment
• ✅ Minimal churn (stable topology)

Avoid: Placing access-layer devices in Area 0

2. Limit Area Size

Rule of thumb:

• 50 routers per area (conservative)
• 100 routers per area (aggressive)

Why limit: SPF calculation time, LSDB size, convergence speed

3. Design Areas by Function or Geography

Good designs:

• Area 0: HQ core
• Area 10: East coast branches
• Area 20: West coast branches
• Area 30: Data center

Bad designs:

• Area 10: Routers 1-50 (arbitrary)

4. Use Stub Areas for Simple Sites

Make an area stub if:

• No external routes needed
• No ASBR in the area
• Single or dual paths to backbone

Types:

• Stub: Blocks Type 5 LSAs
• Totally Stubby: Blocks Type 3, 4, 5 (Cisco proprietary)
• NSSA: Stub + allows limited redistribution

5. Keep Area 0 Contiguous

Never: Split Area 0 into discontiguous pieces

If unavoidable: Use virtual links (temporary fix only)

Router Placement Best Practices

ABR Placement

ABRs are high-traffic routers. They:

• Forward inter-area traffic
• Generate Summary LSAs
• Maintain multiple LSDBs

Requirements:

• High CPU/memory
• Redundant hardware
• Strategic placement at area boundaries

Good placement:

• Distribution layer routers
• Data center edge routers

Bad placement:

• Access-layer switches
• Low-end routers

ASBR Placement

ASBRs inject external routes. Place them:

• At network edge (Internet, WAN, partner networks)
• On routers with external connectivity

Best practice: Limit number of ASBRs (easier to manage)

IP Addressing and Summarization

1. Plan for Summarization

Assign subnets hierarchically:

Area 10:

• 10.10.0.0/24
• 10.10.1.0/24
• 10.10.2.0/24
• Summarize: 10.10.0.0/16

Area 20:

• 10.20.0.0/24
• 10.20.1.0/24
• Summarize: 10.20.0.0/16

Benefit: Smaller routing tables, faster SPF

2. Use Loopbacks for Router IDs

Always:

interface loopback 0
 ip address 10.255.255.1 255.255.255.255

router ospf 1
 router-id 10.255.255.1

Naming scheme:

• 10.255.255.1 = R1
• 10.255.255.2 = R2

3. Use Consistent Addressing Schemes

Document and follow a standard:

• Core: 10.0.x.x
• Distribution: 10.1.x.x
• Access: 10.10.x.x - 10.20.x.x

OSPF Optimization Techniques

1. Adjust Reference Bandwidth

Default (100 Mbps) is too low for modern networks.

Set to 10 Gbps:

router ospf 1
 auto-cost reference-bandwidth 10000

Set on ALL routers in the domain.

2. Use Passive Interfaces

Make all user-facing interfaces passive:

router ospf 1
 passive-interface default
 no passive-interface gi0/0
 no passive-interface gi0/1

Benefits:

• Security (no rogue neighbors)
• Reduced overhead (no unnecessary Hellos)

3. Tune SPF Timers (Advanced)

Default SPF timers are conservative. For fast convergence:

router ospf 1
 timers throttle spf 10 100 5000

Format: timers throttle spf [start] [hold] [max]

• Start: 10ms (first SPF)
• Hold: 100ms (delay between SPFs)
• Max: 5000ms (maximum wait)

Use carefully: Aggressive timers can cause CPU spikes.

4. Implement Graceful Restart (NSF/NSR)

For high availability:

router ospf 1
 nsf cisco

Benefit: Routing continues during control-plane restarts

Authentication Best Practices

Use MD5 Authentication

Always authenticate OSPF in production:

interface gi0/0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 YourSecurePassword

Why: Prevent rogue routers from joining

Monitoring and Maintenance

1. Monitor SPF Runs

Router# show ip ospf | include SPF
  SPF algorithm last executed 00:12:34.567 ago
  SPF algorithm executed 15 times

Many SPF runs = unstable network

2. Monitor LSDB Size

Router# show ip ospf database | include count
  Link count: 245

Growing LSDB = need for summarization or area redesign

3. Set Up Alerts

Alert when:

• Neighbor flaps
• SPF runs exceed threshold
• LSA count spikes

Scalability Guidelines

When to Use Multi-Area

Use single-area when:

• < 50 routers
• Single site
• Simple topology

Use multi-area when:

• 50 routers

• Multiple sites
• Need summarization
• Want SPF isolation

Maximum Recommended Scale

Per area:

• 50-100 routers (conservative)
• 200 routers (aggressive, with tuning)

Per domain:

• 500 routers (typical enterprise)
• 1000+ routers (with careful design)

Common Design Mistakes

Mistake 1: Flat Single-Area Design at Scale

Problem: 200 routers in Area 0

Impact:

• Huge LSDBs
• Slow SPF
• Every change affects entire network

Fix: Implement multi-area design

Mistake 2: Too Many Small Areas

Problem: 20 areas with 5 routers each

Impact:

• Complex management
• Too many ABRs
• Diminishing returns

Fix: Consolidate areas

Mistake 3: Non-Contiguous Area 0

Problem: Area 0 split by another area

Fix: Redesign or use virtual link (temporary)

Mistake 4: No Summarization

Problem: 1000 /24 routes advertised individually

Fix: Summarize at ABR boundaries

Mistake 5: Inconsistent Reference Bandwidth

Problem: Some routers use 100 Mbps, others 10000 Mbps

Impact: Inconsistent path selection

Fix: Standardize across all routers

Design Checklist

✅ Area 0: Redundant, stable, contiguous
✅ Area size: < 100 routers per area
✅ ABR placement: Distribution layer, high-capacity
✅ ASBR placement: Network edge
✅ IP addressing: Hierarchical, supports summarization
✅ Router IDs: Loopbacks, consistent scheme
✅ Reference bandwidth: Adjusted for modern speeds
✅ Passive interfaces: All user-facing networks
✅ Authentication: MD5 on all links
✅ Summarization: Configured at ABRs
✅ Stub areas: Used where appropriate
✅ Monitoring: SPF, LSDB, neighbors

Summary

Now you know:

✅ Hierarchical design — Two-tier or three-tier
✅ Area planning — Size limits, functional grouping
✅ Router placement — ABRs at distribution, ASBRs at edge
✅ IP addressing — Plan for summarization
✅ Optimization — Reference bandwidth, passive interfaces, SPF tuning
✅ Authentication — MD5 for security
✅ Scalability — When to use multi-area, max sizes
✅ Common mistakes — Flat design, too many areas, no summarization

Your OSPF Journey:
You've completed the OSPF series! You now have the knowledge to design, configure, troubleshoot, and optimize OSPF in enterprise networks from CCNA to CCIE level.

Screenshot Suggestions:

1. Multi-area enterprise topology diagram
2. Hierarchical addressing scheme visual
3. show ip ospf from well-designed network
4. Before/after: SPF execution times with optimization

Internal Links:

• ← OSPF Areas Explained (Article 4)
• ← OSPF Route Summarization (Article 28)
• ← OSPF Redistribution (Article 29)
• ← OSPF Stub Areas (Article 14)
• ← How OSPF Calculates Cost (Article 6)