The Fundamentals of OSPF Routing Design

Previous Table of Contents Next

Because of the careful assignment of addresses, each area can be summarized with a single range command. This is a requirement to be able to scale an OSPF network. The first set of addresses starting with (the last octet is represented in binary) can be summarized into the backbone with the following command:

    area 8 range 

This means that all addresses starting with can be found in area 8.

Similarly, with the second area shown, the range of addresses starting with 

can be summarized as follows:

    area 17 range 

This design methodology is extensible such that the area mask boundary and the subnet masks may be drawn at any point in the address space. This might be required if you had originally planned for 32 areas in your network but then later decided that you needed more. Here, you may decide to have a variable-length area mask boundary. This becomes much more complex to manage and is beyond the scope of this book. Strategy 2 is meant to show one approach that tries to simplify something that is inherently complicated for people to deal with. Keep in mind that if you had displayed the entire address space for, there would be an additional 510 pages to the document.

Bit-Wise Subnetting and VLSM Example

Bit-wise subnetting and variable-length subnet masks (VLSMs) can be used in combination to save address space. Consider a hypothetical network where a Class B address is subdivided using an area mask and distributed among 16 areas. The Class B network,, might be subdivided as illustrated in Figure 5-17.

In Figure 5-17, the letters x, y, and z represent bits of the last two octets of the Class B network as follows:

  The four x bits are used to identify 16 areas.
  The five y bits represent up to 32 subnets per area.
  The seven z bits allow for 126 (128-2) hosts per subnet.

Scenario 3: Using Private IP Addresses

Private addressing is another option often cited as simpler than developing an area scheme using bit-wise subnetting. Although private address schemes provide an excellent level of flexibility and do not limit the growth of your OSPF internetwork, they have certain disadvantages.

For instance, developing a large-scale internetwork of privately addressed IP nodes limits total access to the Internet and mandates the implementation of what is referred to as a demilitarized zone (DMZ). If you need to connect to the Internet, Figure 5-18 illustrates the way in which a DMZ provides a buffer of valid NIC nodes between a privately addressed network and the Internet.

All nodes (end systems and routers) on the network in the DMZ must have NIC-assigned IP addresses. The NIC might, for example, assign a single Class C network number to you. The DMZ shown in Figure 5-18 has two routers and a single application gateway host (ApGate).

Figure 5-18  Connecting to the Internet from a privately addressed network.

Router A provides the interface between the DMZ and the Internet, and Router B provides the firewall between the DMZ and the private address environment. All applications that need to run over the Internet must access the Internet through the application gateway.

Firewalls can take many forms. They can be a router specially configured through the use of the Cisco firewall feature set or a dedicated machine designed from the ground up to perform firewall duties, such as a PIX Firewall, Raptor Eagle, or Firewall-1.


IP networks are divided into Class A, B, and C addresses. You can define a mask that specifies which bits in the address define the subnet and which define the host. OSPF supports a concept called variable-length subnet masks (VLSM) which enables an administrator to use different masks for the same network number on different interfaces.

VLSM Functionality

You might want to use VLSM if you are concerned about running out of IP address space. VLSM enables you to get more use out of your available space. VLSM offers the flexibility to handle subnets with different numbers of hosts. For example, a customer who has not implemented VLSM has some interfaces with only a few hosts and other interfaces with many hosts may choose to use a long mask on the first interface and a short mask on the second interface. This address space must be assigned VERY carefully. It is very likely that existing networks will need to re-number their networks in order to be able to take advantage of this feature.

With VLSM, you don’t have to waste network numbers on serial interfaces because you can support unnumbered IP interfaces. Also, VLSM supports discontinuous subnets. An example of a discontinuous subnet application is where a customer has two Class B addresses. One is used in the backbone, and one is used by sites. The site network number is discontinuous if there is more than one site with the same network number. The existing solution is to use secondary IP addresses on the same interface. In this way, you can provide a set of network numbers across the backbone and, thus, connect the discontinuous subnets.

VLSM Pitfalls

Some of the disadvantages of VLSM include the following:

  It is easy to make mistakes in address assignment.
  It is more difficult to monitor your network.

When using VLSM, be very careful about assigning addresses. For example, Cisco’s internal Class B network number is

First a little math to help show some common masks:

Suppose that you had two labs to which you want to assign subnet numbers. The first lab is very small and will never have more than six hosts. The second lab is large and might need to support up to 126 hosts. The obvious thing to do is to assign the masks appropriately. However, it is easy to make mistakes when doing this.

This is an illegal configuration because one of the network/mask pairs is a bit-wise subset of the other. Watch what can happen.

Table 5-3 Common masks and hosts
Mask Number of hosts 2 6 14 30 62 126 254

Previous Table of Contents Next

OSPF Network Design Solutions
OSPF Network Design Solutions
ISBN: 1578700469
EAN: 2147483647
Year: 1998
Pages: 200
Authors: Tom Thomas

Similar book on Amazon © 2008-2017.
If you may any questions please contact us: