3.5 Single-Area OSPFv2 — Configuration
Key Takeaways
- The OSPF Router ID is chosen from manual configuration, then highest loopback IP, then highest active interface IP.
- The network command with a wildcard mask selects which interfaces OSPF activates.
- Passive interfaces advertise their network but do not send or receive Hello packets.
- On broadcast networks a DR and BDR are elected to reduce flooding and adjacency count.
- DR election is highest OSPF priority (default 1, 0 excludes), then highest Router ID, and is non-preemptive.
OSPF Router ID
Every OSPF router needs a unique Router ID (RID) — a 32-bit value written like an IPv4 address.
Router ID Selection Order
- Manually configured with the
router-idcommand (highest priority). - Highest IP on any loopback interface, if no manual RID.
- Highest IP on any active physical interface, if no loopback exists.
Router(config)# router ospf 1
Router(config-router)# router-id 1.1.1.1 ! Best practice: set it manually
On the Exam: Changing the RID does not take effect until the process restarts with
clear ip ospf process. Always set it manually so a future interface change cannot silently shift it.
Basic OSPF Configuration
Router(config)# router ospf 1 ! Process ID, locally significant
Router(config-router)# router-id 1.1.1.1
Router(config-router)# network 192.168.10.0 0.0.0.255 area 0 ! Activate matching interfaces
Router(config-router)# network 10.0.0.0 0.0.0.3 area 0 ! Point-to-point /30 link
Router(config-router)# passive-interface GigabitEthernet0/1 ! No Hellos toward the LAN
Router(config-router)# auto-cost reference-bandwidth 10000 ! Differentiate Gigabit links
Router(config-router)# default-information originate ! Advertise the default route
The process ID after router ospf is locally significant only — two routers can use different process IDs and still peer.
The network Command and Wildcard Masks
The network command tells OSPF which interfaces to run on. The wildcard mask is the inverse of the subnet mask (255 minus each octet):
- 255.255.255.0 → wildcard 0.0.0.255
- 255.255.255.252 → wildcard 0.0.0.3
| Command | Effect |
|---|---|
network 192.168.10.0 0.0.0.255 area 0 | Activates interfaces in 192.168.10.0/24 |
network 10.0.0.0 0.0.0.3 area 0 | Activates interfaces in 10.0.0.0/30 |
network 0.0.0.0 255.255.255.255 area 0 | Activates ALL interfaces in Area 0 |
Alternative: Interface-Level OSPF
Router(config)# interface GigabitEthernet0/0
Router(config-if)# ip ospf 1 area 0 ! Enable OSPF directly on the interface
This approach is clearer and avoids wildcard-mask mistakes.
Passive Interfaces
A passive interface still has its network advertised into OSPF but stops sending and receiving Hellos, so no adjacency forms on it.
Router(config-router)# passive-interface GigabitEthernet0/1 ! One interface
Router(config-router)# passive-interface default ! All interfaces passive
Router(config-router)# no passive-interface GigabitEthernet0/0 ! Re-enable specific ones
Use passive interfaces on LAN segments facing only end devices — there are no neighbors to find, and suppressing Hellos there is a security and stability best practice.
On the Exam: If two directly connected routers won't peer, check whether one side made the link passive. A passive interface silently kills the adjacency.
DR/BDR Election on Broadcast Networks
On broadcast multi-access networks (Ethernet), OSPF elects a Designated Router (DR) and Backup Designated Router (BDR) to limit flooding. Without them, N routers would build N×(N−1)/2 adjacencies; with a DR/BDR each router peers fully only with the DR and BDR.
Election Rules
- Highest OSPF priority wins (default 1, range 0-255).
- Tie → highest Router ID wins.
- Priority 0 means the router never becomes DR or BDR.
- The election is non-preemptive — a later, higher-priority router will not displace a sitting DR until the DR fails and a new election runs.
Router(config-if)# ip ospf priority 100 ! Push this router to win
Router(config-if)# ip ospf priority 0 ! Exclude from election
Adjacency Types on Broadcast Networks
| Relationship | Reaches Full? |
|---|---|
| DR ↔ every router | Yes |
| BDR ↔ every router | Yes |
| DROther ↔ DROther | No — stays 2-Way |
The DR receives LSAs on 224.0.0.6 and floods them on 224.0.0.5; the BDR shadows the DR and takes over on failure.
Point-to-Point Networks
On point-to-point links there are only two routers, so no DR/BDR election occurs. You can force Ethernet into this mode:
Router(config-if)# ip ospf network point-to-point
This speeds adjacency formation and removes DR-failure concerns — a common optimization on back-to-back router links.
Verification Commands
Router# show ip ospf ! Process info, Router ID
Router# show ip ospf neighbor ! Neighbor state (Full, 2-Way)
Router# show ip ospf interface ! Per-interface cost, area, DR/BDR
Router# show ip ospf interface brief
Router# show ip ospf database ! The LSDB
Router# show ip route ospf ! OSPF routes only
Sample show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 1 FULL/DR 00:00:35 10.0.0.2 Gi0/0
3.3.3.3 1 FULL/BDR 00:00:37 10.0.0.3 Gi0/0
4.4.4.4 1 2WAY/DROTHER 00:00:31 10.0.0.4 Gi0/0
Read each column: Neighbor ID is the neighbor's Router ID; Pri is its OSPF priority; State combines the adjacency state and the neighbor's DR/BDR role; Dead Time counts down and must stay above zero (it resets each Hello); and Address/Interface show where the neighbor lives. The 2WAY/DROTHER line is normal — that neighbor is neither DR nor BDR, so the local router intentionally stays at 2-Way with it.
Worked Example: Wildcard Mask Math
Wildcard masks trip up many candidates. To advertise the interface in 172.16.8.0/22, first find the subnet mask for /22: 255.255.252.0. The wildcard is the bit-inverse — subtract each octet from 255: 0.0.3.255. So the statement is network 172.16.8.0 0.0.3.255 area 0. A quick check: the wildcard's last non-zero value (3) plus one equals the block size (4), confirming the /22 boundary. Getting the wildcard wrong either activates too many interfaces or none, so when a network statement seems to do nothing, recompute the wildcard first.
Choosing Network Statement vs. Interface Configuration
The classic network ... area method enables OSPF on every interface whose primary IP falls inside the wildcard range — convenient but easy to over-match. The modern interface method, ip ospf <process> area <area> applied directly under an interface, is explicit and avoids wildcard errors, which is why many shops and study guides now prefer it. Both produce identical OSPF behavior; the CCNA may show either, so recognize that a missing route can stem from an interface that no network statement happened to match, or from forgetting the per-interface ip ospf line.
Default-Route Origination
If the OSPF domain reaches the internet through one edge router that holds a static default route, that default is not shared with other OSPF routers automatically. The edge router must run default-information originate, which injects a 0.0.0.0/0 route into OSPF so every internal router learns a path to the gateway of last resort. Without it, internal routers can reach internal subnets but have no route off-net — a frequent "can ping locally, not the internet" scenario.
What is the default OSPF Hello interval on a broadcast (Ethernet) network?
On a broadcast network with five OSPF routers using default settings, which router becomes the DR?
What is the effect of marking an OSPF interface as passive?
With no router-id command and no loopback interfaces, how does OSPF choose its Router ID?