This article is being continuously updated - consider it a work in progress! [2026-03-03]
OSPF (Open Shortest Path First) is an Interior Gateway Protocol (IGP) that builds a synchronized network graph and derives forwarding decisions by computing a shortest-path tree using Dijkstra’s SPF algorithm.
Unlike distance-vector protocols (such as RIP), OSPF does not exchange routes. It exchanges topology information and derives routes from a synchronized graph model; it is hence more like a distributed network synchronization system.
OSPF is a link-state protocol - and that classification is fundamental since that OSPF is event-driven, dynamic, and autonomously convergent:
OSPF is an eventually consistent topology replication system with bounded failure domains (areas).
TAKEAWAY
OSPF does not exchange routes — it exchanges topology information through adjacencies (neighbors) by the usage of LSAs⬧. Each LSA updates the LSDB and once the LSDB changes, SPF is triggered locally, and the routing table (RIB⬧) is recomputed.
The Link-State Database (LSDB) is the replicated state of OSPF. It is not a routing table and it is not “routes.” It's a topology model encoded as Link-State Advertisements (LSAs).
Each router maintains an LSDB per area (even in single-area designs, that still means “Area 0”). In steady state, all routers inside the same area converge to the same LSDB content.
At minimum in a clean single-area Ethernet design you will primarily see:
That’s the key mental model:
OSPF operates entirely in the control plane; it does not forward any data traffic (forwarding plane). Its packets (IP protocol 89) are control traffic and are punted to the CPU — never CEF⬧-switched.
Through neighbor discovery and reliable LSA flooding, routers construct a synchronized Link-State Database (LSDB) that represents the network as a graph. Each router then runs SPF locally against that database and installs the resulting best paths into its routing table (RIB -> FIB).
Routes are therefore locally derived state — not the primary payload (which are the LSA's). OSPF does not transmit user data either; it simply derives best OSPF routes, inserts them into the RIB⬧ and the winners of those are inserted into the FIB⬧ and used in the forwarding-plane.
Minimal Single-Area Example (Area 0)
A complete mini-run: Hello → FULL → LSAs → SPF → RIB/FIB
OSPF is a deterministic state machine. This means that adjacency formation progresses through fixed states in a defined order — and if adjacency fails, it fails at a specific state for a well-defined reason we are simply able to determine.
Adjacency formation is about establishing reliable database replication and avoiding corrupting the LSDB. OSPF does not trust neighbors until database synchronization is proven reliable.
OSPF adjacency is not “a connection.” It’s a controlled process for building a trusted replication channel for link-state data. The state machine exists to prevent polluted or partial databases from entering the LSDB.
The first states (Down / Init / 2-Way) are Hello-level liveness and compatibility. The later states (ExStart → Exchange → Loading) are database synchronization. Full simply means: “for this neighbor relationship, the LSDBs are synchronized enough to flood reliably.”
DEBUG
If a neighbor is not FULL stop and fix that first!
Adjacency fails where packet exchange breaks, OSPF adjacency formation (and maintenance) uses five packet types.
| Packet | Multicast | What it does | Contains | Where you see it most | Most Common Break Cause | What To Check |
|---|---|---|---|---|---|---|
| Hello | 224.0.0.5 / .6 | Discovers neighbors, verifies parameters, maintains neighbor liveness | Timers, RID, neighbor list, DR/BDR | Down → Init → 2-Way, and continues periodically even when Full | Area mismatch, auth mismatch, timer mismatch, network type | show ip ospf interface |
| DBD (Database Description) | Unicast / multicast | Exchanges summaries of the LSDB (LSA headers, not full LSAs) | LSA headers only | ExStart / Exchange | MTU mismatch, RID conflict | show ip ospf neighbor detail |
| LSR (Link State Request) | Unicast | Requests specific missing LSAs by type/ID/advertising router | Specific LSA request | Loading | LSA not delivered | show ip ospf database |
| LSU (Link State Update) | Multicast / unicast | Sends the requested LSAs (or floods updates) | Full LSAs | Exchange / Loading | Filtering, CPU overload | debug ip ospf packet |
| LSAck | Multicast / unicast | Acknowledges received LSAs for reliable delivery | LSA header ack | Exchange / Loading | Retransmit storm | show ip ospf retransmission-list |
The following sequence shows the actual packet-level exchange that drives the adjacency state transitions shown above.
Think of it as a runtime trace of the OSPF state machine: Hello establishes liveness, DBD negotiates synchronization, and LSR/LSU/LSAck complete database replication.
TAKEAWAY
Adjacency formation is a staged escalation of trust:
If any phase fails, the state machine rolls back.
The Hello packet is what initially transitions the router from DOWN to INIT when it recieves a neighbors Hello.
But for the 2-WAY state transition, the following Hello requirements must match between two neighbors communicating:
Mismatch in any of these prevents adjacency formation and result in a transition failure.
INFO
The HELLO packet is exchanged continiously back and forth every time the Hello Timer times out, even when
relationship reaches the FULL state.
If the router doesn't get a HELLO packet back within the duration of the Dead Timer the adjacency is teared down
and the process has to start over from scratch
A good rule of thumb is that the Dead Timer should be set to four times the Hello Timer.
The (DB) database (D) descriptor is used to exchange summaries (headers) of the neighbor routers LSAs.
MTU size must match for this stage to complete or it will revert back to 2-Way
On broadcast networks (Ethernet), OSPF elects:
This reduces adjacency count from N² to N.
Election priority:
Verify:
show ip ospf neighborIf no FULL adjacency to DR → topology knowledge incomplete.
To influence:
interface g0/0
ip ospf priority 200Setting priority 0 → router will not become DR/BDR.
Router-ID selection order:
router ospf 10
router-id 1.1.1.1Duplicate Router IDs prevent adjacency.
After change:
clear ip ospf processThis resets adjacency and rebuilds LSDB.
Multi-area OSPF exists to contain state propagation.
Single-area is the optimal solution for smaller networks but starts degrading slowly along very specific control-plane stress vectors as the area grows.
A 100-router backbone with flappy links can become troublesome whereas a stable 250-router backbone won't exhibit the same symptoms.
Single-area OSPF stops scaling when:
Multi-area beats single-area when the cost of global state synchronization exceeds the benefit of simplicity.
Multi-area introduces:
And it is all about constraining blast radius.
Think of area types as: Policies for LSA admission and flooding scope.
Area types do not change SPF mechanics.
They change which LSAs are allowed to exist inside an area.
That is the entire game; think of it as scaling valves.
The central transit area of a multi-area OSPF domain. All other areas must connect to Area 0 (logically or physically). Area 0 is the global transit fabric.
OSPF topology is encoded as LSAs as we talked about in the beginning, and LSAs get flooded to synchronize the LSDB.
How, when and why they're flooded matters.
| Type | Name | Generated By | Flooding Scope | Appears When | Purpose |
|---|---|---|---|---|---|
| 1 | Router LSA | Every router | Area-local | Always | Describes router links + costs inside an area |
| 2 | Network LSA | DR | Area-local | Broadcast / NBMA networks | Describes multi-access segment and attached routers |
| 3 | Summary LSA | ABR | Inter-area | Multi-area design | Advertises networks between areas |
| 4 | ASBR Summary LSA | ABR | Inter-area | When ASBR exists | Advertises path to ASBR |
| 5 | External LSA | ASBR | Entire OSPF domain (except stub areas) | Redistribution | Advertises external routes (E1/E2) |
| 6 | MOSPF LSA | — | — | Rare (Multicast OSPF) | Multicast extensions (almost never used) |
| 7 | NSSA External LSA | ASBR inside NSSA | NSSA area only | NSSA redistribution | External routes inside NSSA (converted to Type 5 by ABR) |
| 8 | Link LSA | OSPFv3 only | Link-local | OSPFv3 | Carries link-local address info |
| 9 | Opaque LSA (Link scope) | Router | Link-local | Extensions | Used for traffic engineering |
| 10 | Opaque LSA (Area scope) | Router | Area-local | Extensions | MPLS-TE, Graceful Restart, etc. |
| 11 | Opaque LSA (AS scope) | Router | AS-wide | Extensions | Domain-wide opaque info |
| Area Type | Type 1 | Type 2 | Type 3 | Type 4 | Type 5 | Type 7 | Default Route Injected? | Use Case |
|---|---|---|---|---|---|---|---|---|
| Backbone (Area 0) | ✔ | ✔ | ✔ | ✔ | ✔ | ✖ | No (unless configured) | Core transit area |
| Normal Area | ✔ | ✔ | ✔ | ✔ | ✔ | ✖ | No (unless configured) | Standard multi-area design |
| Stub Area | ✔ | ✔ | ✔ | ✖ | ✖ | ✖ | ✔ (by ABR) | Edge area without redistribution |
| Totally Stubby Area* | ✔ | ✔ | ✖ | ✖ | ✖ | ✖ | ✔ (by ABR) | Smaller edge area |
| NSSA | ✔ | ✔ | ✔ | ✔ | ✖ | ✔ | Optional | Edge area needing redistribution |
| Totally NSSA* | ✔ | ✔ | ✖ | ✖ | ✖ | ✔ | ✔ | Controlled redistribution edge |
Verify LSDB:
show ip ospf databaseAll routers in same area must share identical LSDB (but during convergence, transient divergence exists).
If LSDB differs → SPF differs → routing differs.
OSPF behavior depends on network type.
| Type | DR/BDR | Multicast | Default |
|---|---|---|---|
| Broadcast | Yes | Yes | Ethernet |
| Point-to-Point | No | Yes | Serial |
| Point-to-Multipoint | No | Yes/Varies | Manual |
| NBMA | Yes | Often no (manual neighbors) | Frame Relay |
Mismatch in network type causes adjacency asymmetry.
Verify:
show ip ospf interface g0/0Default reference bandwidth = 100 Mbps.
This is obsolete in modern networks.
If not changed, 1G and 10G links share identical cost.
Set globally:
router ospf 10
auto-cost reference-bandwidth 10000Must match across all routers.
Manual override:
interface g0/1
ip ospf cost 50OSPF does not fail randomly it fails at a specific layer for a specific reason; we talked briefly about this earlier regarding adjacency-formation:
Adjacency formation progresses through fixed states in a defined order — and if it fails, it fails at a specific state for a specific reason.— This Article
| Symptom | Neighbor State | Interpretation | Likely Root Cause(s) |
|---|---|---|---|
| No adjacency | Down / Init | Adjacency never forms | Area mismatch, authentication mismatch, hello/dead timer mismatch, ACL blocking multicast (224.0.0.5/6), network type mismatch |
| INIT only | Init | One-way Hello seen | Hello parameter mismatch, duplicate Router ID, unidirectional link, multicast filtering |
| EXSTART loop | ExStart | DBD negotiation repeatedly restarts | MTU mismatch, master/slave negotiation failure, duplicate Router ID |
| Stuck LOADING | Loading | LSA exchange incomplete | LSA request/retransmit failure, filtering, packet loss, CPU overload |
| Missing routes | Full (but wrong SPF) | Adjacency up but routing incorrect | Cost mismatch, reference bandwidth inconsistency, passive interface, filtering, LSDB divergence |
| Inconsistent routing | Full (divergent LSDB) | SPF computed on inconsistent databases | LSDB desynchronization, LSA filtering, stub/NSSA misconfiguration, redistribution mismatch |
If the neighbor is not FULL, stay in the adjacency layer -- do not inspect routes yet.
| State | What it means | Fastest checks (Cisco IOS) | Usual root causes |
|---|---|---|---|
| Down | No Hellos received | show ip ospf interface g0/0 / show ip ospf neighbor | L1/L2 down, wrong VLAN, OSPF not enabled on interface, passive-interface, ACL blocking proto 89/multicast |
| Init | One-way Hellos | show ip ospf neighbor detail (do you appear in their neighbor list?) | Unidirectional link, multicast blocked one direction, hello params mismatch, duplicate RID edge cases |
| 2-Way | Bidirectional Hellos | On broadcast: check DR/BDR; show ip ospf neighbor | Normal on broadcast for non-DR/BDR peers; otherwise network type mismatch / adjacency expectation wrong |
| ExStart | DBD negotiation | show ip ospf neighbor detail + MTU; consider ip ospf mtu-ignore (temp) | MTU mismatch (most common), L2 fragmentation issues, broken negotiation due to flapping |
| Exchange | DBD summary exchange | debug ip ospf adj (careful), show ip ospf neighbor detail | DBD sequence issues, packet loss, CPU spikes, MTU problems still present |
| Loading | LSR/LSU/LSAck not completing | show ip ospf request-list / retransmissions | Packet loss/filtering, ACL/QoS policing, CPU overload, LSA flooding blocked, interface errors |
| Full | Synchronized | If routing is wrong: shift to LSDB/SPF/cost checks | Not an adjacency problem anymore |
Never jump randomly.
Follow this order:
Do not inspect routing table before verifying adjacency.
If you remember nothing else:
All OSPF failures reduce to one of four categories:
Convergence is not magic — it is the network reaching equilibrium after state change.
If adjacency is unstable, flooding is unstable.
If flooding is unstable, SPF thrashes.
If SPF thrashes, routing oscillates.
Field doctrine:
And lastly: if adjacency breaks, everything upstream collapses.
| Layer | Object | Packet | LSA | Scope | Failure Mode |
|---|---|---|---|---|---|
| Discovery | Neighbor | Hello | — | Link | INIT |
| Sync | LSDB | DBD | 1/2 | Area | ExStart |
| Replication | LSDB | LSU | 1–7 | Area/AS | Loading |
| Computation | SPF | — | All | Local | Wrong path |
| Forwarding | FIB | — | — | Hardware | Blackhole |