OSPF Prefix Suppression

In large OSPF networks, a lot of space is wasted in the LSDB and routing tables
because of prefixes on transit links. OSPF prefix suppression is a feature to get rid of
these unnecessary prefixes.  Let me give you a quick example to explain this:

Above we have three routers running OSPF. Behind R1 and R2, there are host devices.
The only thing we care about in this topology is to have end-to-end connectivity
between H1 and H2. If you look in the routing tables of R1 and R3, you will find this:

R1#show ip route ospf

O 192.168.3.0/24 [110/3] via 192.168.12.2, 00:00:02,

GigabitEthernet0/1
O 192.168.23.0/24 [110/2] via 192.168.12.2, 00:00:02,
GigabitEthernet0/1
R3#show ip route ospf

O 192.168.1.0/24 [110/3] via 192.168.23.2, 00:00:23,

GigabitEthernet0/1
O 192.168.12.0/24 [110/2] via 192.168.23.2, 00:00:23,
GigabitEthernet0/1

R1 has learned about 192.168.23.0/24 and R3 has learned 192.168.12.0/24. There are
no host devices on these two networks so why do we care? There is no need for R1 to
send packets to 192.168.23.0/24 or R3 to send anything to 192.168.12.0/24. The two
prefixes are only used on transit links.
With OSPF prefix suppression, we can remove these prefixes of the routing table. By
doing so, we will save some memory and CPU cycles without breaking network
connectivity.

OSPF saves topology and addressing information in LSA type 1 and LSA type 2. We
can filter some of this information to prevent them from being installed. This only
suppresses the prefix information of the transit links, not the transit links themselves.
We need to know the transit links otherwise OSPF is unable to calculate the shortest
path tree.

Configuration
To demonstrate prefix suppression, I use the following topology:

In the topology above, each router has a loopback interface and our goal is to have end-
to-end connectivity between the loopback interfaces. All routers are in area 0 and we
have two transit links:

 192.168.123.0/24
 192.168.34.0/24
R1 and R2 will learn about 192.168.34.0/24 and R4 learns 192.168.123.0/24. Both
prefixes are not necessary.
R1, R2, and R3 are on a multi-access segment, the connection between R3 and R4 is a
point-to-point link so the correct OSPF network type has been configured.

Want to take a look for yourself? Here you will find the startup configuration of each device.

Prefix Suppression Disabled

Prefix suppression is disabled by default. Let’s look at the current routing tables:

R1#show ip route ospf

2.0.0.0/32 is subnetted, 1 subnets

O 2.2.2.2 [110/2] via 192.168.123.2, 00:04:03,
GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.123.3, 00:04:13,
GigabitEthernet0/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/3] via 192.168.123.3, 00:00:03,
GigabitEthernet0/1
O 192.168.34.0/24 [110/2] via 192.168.123.3, 00:00:19,
GigabitEthernet0/1
R2#show ip route ospf

1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/2] via 192.168.123.1, 00:09:08,
GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.123.3, 00:09:18,
GigabitEthernet0/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/3] via 192.168.123.3, 00:05:08,
GigabitEthernet0/1
O 192.168.34.0/24 [110/2] via 192.168.123.3, 00:05:24,
GigabitEthernet0/1

Above we can see that R1 and R2 have 192.168.34.0/24 in their routing tables. Here’s
R4:

R4#show ip route ospf

1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/3] via 192.168.34.3, 00:01:06,
GigabitEthernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/3] via 192.168.34.3, 00:01:06,
GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.34.3, 00:01:06,
GigabitEthernet0/1
O 192.168.123.0/24 [110/2] via 192.168.34.3, 00:01:06,
GigabitEthernet0/1

R4 has 192.168.123.0/24 in its routing table.

Router LSA
The first thing we are going to do is to get rid of the 192.168.34.0/24 prefix. Since this is
a point-to-point link, there is no DR/BDR and it’s advertised directly in LSA type 1. There
are four link types that you can find in LSA type 1:
 Point-to-point link to another router: this is a transit link that points to the router ID of your
neighbor on the other end of the point-to-point link.
 Link to transit network: this is a transit link that points to the IP address of the DR of the transit
link.
 Stub network: this contains the IP prefix that is used on a stub network or a prefix on a point-to-
point link to another router.
 Virtual link: this is a virtual point-to-point link that points to the router ID of the router you
establish a virtual link with.
The stub network link type has the prefix information so if we want to filter the prefix on
the transit link, we have to filter the stub network information .
Let’s take a look at LSA type 1 of R3 and R4. Here’s R3:

R3#show ip ospf database router self-originate

OSPF Router with ID (3.3.3.3) (Process ID 1)

Router Link States (Area 0)

LS age: 120
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 3.3.3.3
Advertising Router: 3.3.3.3
LS Seq Number: 80000004
Checksum: 0xFFE0
Length: 72
 Number of Links: 4

Link connected to: a Stub Network

(Link ID) Network/subnet number: 3.3.3.3
(Link Data) Network Mask: 255.255.255.255
Number of MTID metrics: 0
TOS 0 Metrics: 1

Link connected to: another Router (point-to-point)

(Link ID) Neighboring Router ID: 4.4.4.4
(Link Data) Router Interface address: 192.168.34.3
Number of MTID metrics: 0
TOS 0 Metrics: 1

Link connected to: a Stub Network

(Link ID) Network/subnet number: 192.168.34.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1

Link connected to: a Transit Network

(Link ID) Designated Router address: 192.168.123.3
(Link Data) Router Interface address: 192.168.123.3
Number of MTID metrics: 0
TOS 0 Metrics: 1

Above you can see the prefix information of the stub network link type. You can find the
same information on R4:

R4#show ip ospf database router self-originate

OSPF Router with ID (4.4.4.4) (Process ID 1)

Router Link States (Area 0)

LS age: 118
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 4.4.4.4
Advertising Router: 4.4.4.4
LS Seq Number: 80000002
Checksum: 0xEAB
Length: 60
Number of Links: 3

Link connected to: a Stub Network

 (Link ID) Network/subnet number: 4.4.4.4
(Link Data) Network Mask: 255.255.255.255
Number of MTID metrics: 0
TOS 0 Metrics: 1

Link connected to: another Router (point-to-point)

(Link ID) Neighboring Router ID: 3.3.3.3
(Link Data) Router Interface address: 192.168.34.4
Number of MTID metrics: 0
TOS 0 Metrics: 1

Link connected to: a Stub Network

(Link ID) Network/subnet number: 192.168.34.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1

Once we enable prefix suppression, the highlighted information above will disappear.

Network LSA
The 192.168.123.20/24 prefix that is used on the multi-access segment is not
advertised in LSA type 2 but in LSA type 2 that the DR advertises. If we want to
suppress this prefix, we have to make some changes to LSA type 2. In my topology, R3
is the DR. Here’s the network LSA:

R3#show ip ospf database network self-originate

OSPF Router with ID (3.3.3.3) (Process ID 1)

Net Link States (Area 0)

LS age: 595
Options: (No TOS-capability, DC)
LS Type: Network Links
Link State ID: 192.168.123.3 (address of Designated Router)
Advertising Router: 3.3.3.3
LS Seq Number: 80000001
Checksum: 0x4CDD
Length: 36
Network Mask: /24
Attached Router: 3.3.3.3
Attached Router: 1.1.1.1
Attached Router: 2.2.2.2
Above we find the IP address of the DR and the network mask. The prefix isn’t
advertised directly in LSA type 2 but with the IP address of the DR and the subnet
mask, the router can calculate what prefix we are using (192.168.123.0/24).

Prefix Suppression Enabled

Let’s enable prefix suppression so we can see the difference. I enable this on all my
routers:

R1,R2,R3 & R4
(config)#router ospf 1
(config-router)#prefix-suppression

That’s all you have to do.

You can also enable prefix suppression on the interface level with the ip ospf prefix-
suppression command.

Here is the result:

R1#show ip route ospf

2.0.0.0/32 is subnetted, 1 subnets

O 2.2.2.2 [110/2] via 192.168.123.2, 00:10:33,
GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.123.3, 00:10:43,
GigabitEthernet0/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/3] via 192.168.123.3, 00:06:33,
GigabitEthernet0/1
R2#show ip route ospf

1.0.0.0/32 is subnetted, 1 subnets

O 1.1.1.1 [110/2] via 192.168.123.1, 00:10:54,
GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.123.3, 00:11:04,
GigabitEthernet0/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/3] via 192.168.123.3, 00:06:54,
GigabitEthernet0/1
R4#show ip route ospf
 1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/3] via 192.168.34.3, 00:07:19,
GigabitEthernet0/1
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/3] via 192.168.34.3, 00:07:19,
GigabitEthernet0/1
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 192.168.34.3, 00:07:19,
GigabitEthernet0/1

This is pretty neat. As you can see, all prefixes on the transit links are now gone. We
still have end-to-end connectivity between our loopback interfaces. For example:

R1#ping 4.4.4.4 source 1.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 6/6/8
ms

Now the big question remains, what has changed in the LSDB? Let’s find out…

Router LSA
Here is LSA type 1 on R3:

R3#show ip ospf database router self-originate

OSPF Router with ID (3.3.3.3) (Process ID 1)

Router Link States (Area 0)

LS age: 179
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 3.3.3.3
Advertising Router: 3.3.3.3
LS Seq Number: 80000005
Checksum: 0x8BF0
Length: 60
Number of Links: 3
 Link connected to: a Stub Network
(Link ID) Network/subnet number: 3.3.3.3
(Link Data) Network Mask: 255.255.255.255
Number of MTID metrics: 0
TOS 0 Metrics: 1

Link connected to: another Router (point-to-point)

(Link ID) Neighboring Router ID: 4.4.4.4
(Link Data) Router Interface address: 192.168.34.3
Number of MTID metrics: 0
TOS 0 Metrics: 1

Link connected to: a Transit Network

(Link ID) Designated Router address: 192.168.123.3
(Link Data) Router Interface address: 192.168.123.3
Number of MTID metrics: 0
TOS 0 Metrics: 1

If you compare this output with the one I showed you before, you will see that the
information about the stub network 192.168.34.0/24 has been removed here. The same
thing happened on R4:

R4#show ip ospf database router self-originate

OSPF Router with ID (4.4.4.4) (Process ID 1)

Router Link States (Area 0)

LS age: 250
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 4.4.4.4
Advertising Router: 4.4.4.4
LS Seq Number: 80000003
Checksum: 0x7BD9
Length: 48
Number of Links: 2

Link connected to: a Stub Network

(Link ID) Network/subnet number: 4.4.4.4
(Link Data) Network Mask: 255.255.255.255
Number of MTID metrics: 0
TOS 0 Metrics: 1

Link connected to: another Router (point-to-point)

(Link ID) Neighboring Router ID: 3.3.3.3
 (Link Data) Router Interface address: 192.168.34.4
Number of MTID metrics: 0
TOS 0 Metrics: 1

Above you won’t find anything about stub network 192.168.34.0/24 anymore.

Network LSA
Prefix 192.168.123.0/24 was also removed. Let’s take another look at the network LSA
of R3:

R3#show ip ospf database network self-originate

OSPF Router with ID (3.3.3.3) (Process ID 1)

Net Link States (Area 0)

LS age: 724
Options: (No TOS-capability, DC)
LS Type: Network Links
Link State ID: 192.168.123.3 (address of Designated Router)
Advertising Router: 3.3.3.3
LS Seq Number: 80000002
Checksum: 0x4ADE
Length: 36
Network Mask: /32
Attached Router: 3.3.3.3
Attached Router: 1.1.1.1
Attached Router: 2.2.2.2

Above we can still see the same information but there is one change. The network mask
has changed from /24 to /32. A subnet mask of /32 on a multi-access network is
impossible so when an OSPF router that supports prefix suppression sees this, it knows
that this LSA doesn’t have any prefix information. A router that doesn’t support prefix
suppression will install a /32 route in its routing table. This doesn’t cause any
connectivity issues.

Conclusion
You have now learned how OSPF prefix suppression works and how it filters prefixes
from transit links from its LSDB and thus the routing table. On point-to-point links, it
does so by removing the stub network information from LSA type 1. On multi-access
networks, it does so by changing the subnet mask to /32. If you want to learn more
about prefix suppression, you can take a look at RFC 6860.