Cisco OSPF — Configuration Reference

Cisco IOS cheat sheet for OSPF (Open Shortest Path First) — link-state routing protocol. Covers base configuration, area types (stub, NSSA, totally stubby), route filtering, summarization, redistribution, and authentication.

How OSPF Neighbor Adjacency Works

To have two routers discover each other and exchange routes:

Advertise the networks connecting the two routers — this establishes adjacency only.
Advertise the networks you want the neighbor to know about — only then will the neighbor see networks “behind” the first router.

Basic Configuration

OSPF Process Setup

Command	Description
router ospf 1	Enter OSPF process 1
router-id 0.0.0.32	Manually set router ID
network 192.168.0.0 0.0.255.255 area 0	Advertise network in area 0
passive-interface fa0/0.2	Suppress hello packets on interface (toward end users)
auto-cost reference-bandwidth 10000	Set reference bandwidth in Mbps — apply to ALL routers
clear ip ospf 1 process	Reset OSPF routing information

Interface-Level Settings

Command	Description
ip ospf cost 12	Set interface cost manually
ip ospf hellow-interval 8	Send hello every 8 seconds
ip ospf dead-interval 30	Declare neighbor dead after 30 s without hello
ip ospf priority 100	DR/BDR election priority
ip mtu 1400	Set MTU (must match on all routers in the same segment)
bandwidth 10000	Set interface bandwidth in Kbps (affects cost calculation)

Cost formula: reference bandwidth / interface bandwidth (Kbps). Default reference bandwidth = 100 000. For links faster than 100 Mbps set: auto-cost reference-bandwidth 100000000.

Diagnostics

show / debug

Command	Description
show ip ospf neighbor	Neighbor table with adjacency state
show ip ospf database	LSDB — LSAs from neighbors
show ip ospf database router 1.1.1.1	Detailed LSA content from router ID 1.1.1.1
show ip ospf interface [brief]	OSPF-enabled interfaces and their cost
show ip ospf route	Routes computed by OSPF (before RIB insertion)
show ip route ospf	OSPF routes installed in the routing table
show ip route 192.168.3.2	Detailed info for a specific route
show ip protocols	Dynamic routing protocol config (AD, networks, router ID)

Route Filtering

Goal: block networks 10.0.1.0, 10.0.2.0, 10.0.3.0 from being leaked from Area 0 into Area 1.

The logic is reversed — permit only what you want; everything else is denied by default.

Prefix-list Filter on ABR

Command	Description
ip prefix-list OSPF permit 192.168.0.0/16	Permit only 192.168.0.0/16 to pass
area <id> filter-list prefix OSPF <in\|out>	Apply on ABR. in = into area, out = from area
distance ospf external 255	Raise AD for external OSPF routes (prevents default route override)

Note: This filter does not block the default route 0.0.0.0 — it will still reach the neighbor router.

Method 2 — distribute-list (on receiving router)

Goal: allow a router to install only specific routes in its RIB.

Distribute-list Filter

Command	Description
access-list 3 permit 172.10.0.0 0.0.255.255	Define permitted routes in ACL
router ospf 1	Enter OSPF context
distribute-list 3 in	Apply ACL — only listed routes are installed in RIB

The router filters what goes into the RIB, but the LSDB remains unchanged.

Difference: Method 1 — prevents a router from advertising routes. Method 2 — prevents a router from accepting routes into RIB.

Filtering During Redistribution

Filter Routes Being Redistributed from EIGRP into OSPF

Command	Description
ip prefix-list FILT deny 172.10.2.0/16	Create prefix-list to block a network
redistribute eigrp 1 subnets	Enable redistribution from EIGRP into OSPF
distribute-list prefix FILT out eigrp 1	Apply filter to redistributed routes from EIGRP

Route Summarization

ABR and ASBR Summarization

Command	Description
area 1 range 192.168.0.0 255.255.0.0	ABR: advertise summary route for area 1 to other areas
summary-address 192.168.0.0 255.255.0.0	ASBR: advertise summarized external route

Redistribution

Injecting External Routes into OSPF

Command	Description
default-information originate [always]	Method 1: inject default route to all OSPF neighbors. Requires static 0.0.0.0 on ASBR, or add `always`
redistribute connected subnets	Method 2: inject connected networks of ASBR into OSPF
redistribute eigrp 1 subnets	Inject EIGRP routes into OSPF
redistribute eigrp 1 metric-type 1 subnets	Same, but account for OSPF transit cost (E1 type)
distance ospf external\|inter-area\|intra-area 1-255	Change AD for all OSPF route types
distance 1-255 172.20.0.0 0.0.255.255	Change AD for a specific route only

OSPF Area Types

Stub Area

ABR replaces Type-5 (external) LSAs with a default route for the stub area. All routers in the area must be configured as stub.

Stub Configuration

Command	Description
area 1 stub	Mark area 1 as stub — configure on ALL routers in the area
area 2 default-cost 50	Set cost of the default route injected by ABR for stub area

Totally Stubby Area

Replaces both Type-3 (inter-area summary) and Type-5 LSAs with a single default route.

Totally Stubby Configuration

Command	Description
area 2 stub	On internal area routers
area 2 stub no-summary	On ABR — blocks Type-3 and Type-5 LSAs

NSSA (Not-So-Stubby Area)

Workaround for having an ASBR inside a stub area. ASBR generates Type-7 LSA; ABR converts Type-7 → Type-5.

NSSA Configuration

Command	Description
area 2 nssa [no-summary]	Mark area as NSSA. Add `no-summary` to make it Totally NSSA

Additional Features

Frame-Relay and Authentication

Command	Description
neighbor 10.0.2.1	Manually define neighbor (NBMA / frame-relay — no broadcast)
ip ospf authentication message-digest	Enable MD5 authentication on interface
ip ospf message-digest-key 1 md5 cisco	Set authentication key
show ip ospf int e0/1	Verify authentication is enabled on the interface

Cisco IOS Command Reference | OSPF