Documentation

Back to Home
July 15, 2025

Configuring OSPF Special Areas on MikroTik v7, Cisco 7200, and FortiGate in GNS3

OSPF Special Areas

    OSPF (Open Shortest Path First) is a dynamic routing protocol mostly used in large network environments. It has more advanced features and advantages compared to simpler protocols like RIP, though it is also more complex to configure.

    OSPF is a link-state routing protocol that uses cost to find the best path to a destination. The cost is calculated by dividing a reference bandwidth by the interface bandwidth (Cost = Reference Bandwidth / Interface Bandwidth). A lower cost means a better path, so the route with the smallest total cost is chosen.

    OSPF also supports fast convergence, meaning routing updates happen quickly whenever the network topology changes, ensuring that data takes the best possible path without much delay. There are some features that can should understand in OSPF

1. OSPF Areas

OSPF divides the network into smaller areas to reduce CPU load and keep routing tables efficient. Each area must connect to the Backbone Area (Area 0).

Types of Areas:

  • Backbone Area (Area 0): The main area that connects all others. All inter-area traffic passes through it.
  • Standard Area: A normal area that allows all LSA types (1–5).
  • Stub Area: Blocks external routes (LSA 5), but receives a default route from the ABR. Allows LSA 1, 2, and 3.
  • Totally Stubby Area: Blocks summary (LSA 3) and external (LSA 5) routes. Only allows LSA 1 and 2 plus a default route.
  • NSSA (Not So Stubby Area): Like a stub area but allows external routes from a local ASBR using LSA 7. Accepts LSA 1, 2, and 7.
  • Totally NSSA: Combination of NSSA and Totally Stubby; allows only default route and LSA 7.

By default, on Cisco devices, if you choose Area 1, the IP address will be 0.0.0.1 on another device. Alternatively, you can configure it manually.

#Ciso | inside ospf
    network 192.168.1.0 0.0.0.255 area 2 #0.0.0.2 by default
    network 192.168.1.0 0.0.0.255 area 2.2.2.2

#Mikrotik v7
    routing ospf area add area-id=0.0.0.1 instance=xxx name=area1

#Fortigate | inside ospf
        conf area
            edit 0.0.0.1
            end

2. Router ID (RID)

A unique 32-bit IP address that identifies the router in the OSPF domain. It can be:

  • Manually set (recommended for stability), or
  • Automatically chosen from the highest loopback or interface IP.

To maintain sustainability, I recommend using a loopback interface. When a physical interface goes down, OSPF will still run because the loopback interface remains up.

3. OSPF Router Types

  • Internal Router: All interfaces in one area.
  • Backbone Router: At least one interface in Area 0.
  • ABR (Area Border Router): Connects multiple areas.
  • ASBR (Autonomous System Boundary Router): Connects OSPF with external routing protocols.

4. Neighbor and Adjacency

Routers in the same subnet become neighbors using Hello packets. Once they fully exchange routing info, they become adjacent.

5. OSPF Packet Types

OSPF uses 5 packet types:

  • Hello: Discover and maintain neighbors.
  • DBD (Database Description): Share LSDB summaries.
  • LSR (Link-State Request): Request missing LSAs.
  • LSU (Link-State Update): Send actual LSA data.
  • LSAck (Acknowledgment): Confirm LSA receipt.

6. LSDB (Link-State Database)

Each router maintains a complete database of the network topology (LSDB). This is used by the SPF algorithm to build the best path tree.

7. SPF Algorithm (Dijkstra's Algorithm)

OSPF calculates the shortest path to all destinations using the SPF algorithm. It ensures fast and loop-free routing.

8. Virtual Links

A virtual link connects an area to the Backbone (Area 0) if it doesn’t have a direct physical connection. This is often used temporarily during migrations or reconfigurations. Here's the logic

Image
R1# router-id 11.11.11.11
    area 1 virtual-link 2.2.2.2

R2# router-id 2.2.2.2
    area 1 virtual-link 11.11.11.11

Adj
%OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on OSPF_VL2 from LOADING to FULL, Loading Done

9. Route Summarization

Reduces routing table size by combining multiple prefixes into one summary route:

  • At ABRs (inter-area summarization).
  • At ASBRs (external summarization).

10. OSPF Authentication

Secures routing updates to prevent unauthorized routers:

  • None (default)
  • Plain text password
  • MD5 authentication (most secure)
  • Key Chain (Check On last RIP with key chain)

11. Route Filtering

Controls which routes are advertised or received using distribute-lists or route-maps, helping reduce unnecessary or sensitive route propagation.

12. SPF Throttling

Prevents excessive SPF recalculations in large networks by introducing delays or limits. This protects router CPU from overload during frequent changes.

13. Fast Convergence

Combines BFD (Bidirectional Forwarding Detection) with optimized OSPF timers to detect link failures faster, improving network stability and reducing downtime.

14. OSPF over MPLS/VPN

OSPF can run over MPLS or VPNs to support large-scale or multi-site networks. It's often used in service provider environments.

15. Opaque LSAs

Used for advanced features like Traffic Engineering (TE) and MPLS by carrying additional information not used in basic routing.

Here's the video where I configured OSPF routing with all area start with normal area, stub area, totally stub, nssa and totally nssa.

1. FortiGate CLI (OSPF)

To configure OSPF authentication with a password on FortiGate using CLI:

config router ospf 
set router-id 1.1.1.1
    conf area 
    edit 0.0.0.1
    with password
    authentication-type md5
    set authentication-key password

    conf ospf-interface
    edit name
    set interface portx

    conf network
    set prefix 192.168.1.0/24
    set area 0.0.0.1
end    

        

2. Cisco 7200 CLI (OSPF)

To configure OSPF with password authentication on a Cisco 7200 router using CLI:

conf t
router ospf 1
    router-id 1.1.1.1
    network 192.168.1.0 0.0.0.255 area 1

with password
area 1 authentication message-digest

interface Fa0/0
ip ospf message-digest-key 99 md5 password

3. MikroTik v7 CLI (OSPF)

To configure OSPF with simple password authentication on MikroTik v7:

routing ospf instance add name=xxx router-id=1.1.1.1
routing ospf area add name="area1" area-id=0.0.0.1 instance="xxx" type=depends
routing ospf interface-template add area=area1 interface=etherx networks=192.168.1.0/24

with password
routing ospf interface-template set 0 auth=md5 auth-id=99 auth-key=password