What Is an OSPF Metric?

Simply put, an OSPF metric is a numerical value that represents the cost of sending traffic across a specific interface or link. The lower the cost, the more desirable the path becomes. OSPF uses this cost system to build the most efficient route from point A to point B.

OSPF cost is typically based on bandwidth, meaning faster links receive lower costs, making them more likely to be selected as primary paths.


Why the OSPF Metric Matters for Network Stability

OSPF runs on the idea of predictable, stable routing. If the metric system were inaccurate or outdated, routers might choose inefficient paths or overwhelm slow links.

The OSPF metric:

  • Prevents congestion by preferring faster links

  • Helps balance traffic evenly

  • Ensures routing stays stable even as a network grows

  • Helps administrators control how data flows

Without accurate metrics, OSPF would struggle to deliver reliable performance.


How OSPF Metric Works in Real-World Networks

Cost-Based Path Selection Explained

OSPF calculates the cumulative cost of every possible route between two nodes. It sums the cost of each interface in the path, and the path with the lowest total cost wins.

For example:

Link Speed    Default OSPF Cost (Cisco)
10 Mbps       10
100 Mbps      1
1 Gbps        1
10 Gbps       1

These values help routers pick the most efficient route.

OSPF Hello Packets and Metric Influence

Hello packets establish neighbor relationships, which is the prerequisite for exchanging metric information. Once routers become neighbors, they use LSAs (Link State Advertisements) to share cost values. This keeps every router updated on link speeds and costs.


Factors Affecting OSPF Metric Calculation

1. Reference Bandwidth

The reference bandwidth determines how OSPF converts link speeds into cost values. On Cisco devices, the default reference bandwidth is 100 Mbps, which causes modern links (1G/10G/40G/100G) to all show the same cost unless adjusted.

2. Link Speed and Interface Types

Different interface speeds impact cost significantly:

  • Fiber links → lower cost

  • Wireless links → higher cost

  • Tunnel interfaces → customizable cost

3. Custom Cost Configuration

Administrators can manually override interface cost for traffic engineering. This helps in scenarios like directing critical applications over specific links.


Default OSPF Metric Values

Different vendors assign different defaults:

Cisco Default Costs

Cisco uses:

Cost = Reference Bandwidth / Interface Bandwidth

With default reference at 100 Mbps, anything ≥100 Mbps becomes cost 1.

Other Vendor Defaults

  • Juniper often defaults to different bandwidth references

  • MikroTik allows easy cost modification through WinBox


Adjusting OSPF Metrics for Optimization

Using the “ip ospf cost” Command

Example:

interface GigabitEthernet0/1
 ip ospf cost 15

This allows precise tuning.

Auto-Cost Reference Bandwidth Command

To modernize OSPF:

router ospf 1
 auto-cost reference-bandwidth 100000

The value is given in Mbps, so this sets the reference to 100 Gbps and supports up to 100 Gbps links.
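As an added illustration (not code from the original article), the Python sketch below applies the Cisco formula with truncation and a minimum of 1, then runs a shortest-path search over a constructed four-router topology to show how the reference bandwidth changes path selection and ECMP. The router names R1 to R4, the link speeds and the function names are assumptions made for the example.

```python
import heapq

# Constructed sample topology: (router, router, link speed in Mbps).
LINKS = [
    ("R1", "R2", 1_000), ("R2", "R4", 1_000),     # 1 Gbps path
    ("R1", "R3", 10_000), ("R3", "R4", 10_000),   # 10 Gbps path
]

def ospf_cost(link_mbps, reference_mbps=100):
    """Cost = reference bandwidth / interface bandwidth, truncated, minimum 1."""
    return max(1, reference_mbps // link_mbps)

def best_paths(links, src, dst, reference_mbps=100):
    """Return (total cost, sorted list of all lowest-cost paths) from src to dst."""
    graph = {}
    for a, b, mbps in links:                      # links are bidirectional
        cost = ospf_cost(mbps, reference_mbps)
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))

    dist = {src: 0}
    parents = {src: []}        # every predecessor on a lowest-cost path (ECMP)
    heap = [(0, src)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue                              # stale heap entry
        for nbr, cost in graph.get(node, []):
            nd = d + cost
            if nd < dist.get(nbr, float("inf")):
                dist[nbr] = nd
                parents[nbr] = [node]
                heapq.heappush(heap, (nd, nbr))
            elif nd == dist[nbr] and node not in parents[nbr]:
                parents[nbr].append(node)         # equal cost: keep both

    def unwind(node):
        if node == src:
            return [[src]]
        return [p + [node] for parent in parents[node] for p in unwind(parent)]

    if dst not in dist:
        return None, []
    return dist[dst], sorted(unwind(dst))

if __name__ == "__main__":
    for ref in (100, 100_000):
        print("reference", ref, "Mbps ->", best_paths(LINKS, "R1", "R4", ref))
```

With the default reference the 1 Gbps and 10 Gbps paths tie and traffic is split across both; with the reference raised to 100000 only the 10 Gbps path is selected.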

Best Practices

  • Always set the same reference bandwidth on all routers

  • Keep costs consistent across same-speed links

  • Avoid overly complex cost values


Common Use Cases for OSPF Metric Tuning

1. Load Balancing

OSPF supports ECMP (equal-cost multipathing). By aligning costs, you can load-balance traffic.

2. Failover Optimization

By increasing cost on backup links, primary routes remain preferred.

3. Traffic Engineering

Control the flow of critical or heavy applications.


OSPF Metric vs Other Routing Protocol Metrics

OSPF vs EIGRP

OSPF uses cost, while EIGRP uses a more complex composite metric including bandwidth, delay, reliability, and load.

OSPF vs BGP

BGP doesn’t use cost—it uses path attributes.


Troubleshooting OSPF Metric Issues

Common Errors and Fixes

Issue              Cause                           Fix
Mismatched costs   Manual misconfiguration         Align costs
Slow failover      Backup costs too high           Reduce backup cost
Unexpected paths   Incorrect reference bandwidth   Standardize reference

Tools for Metric Verification

  • show ip ospf interface

  • show ip route ospf

  • Wireshark (LSA analysis)


FAQs About OSPF Metric

1. What is the main purpose of the OSPF metric?

To determine the most efficient path through a network based on link cost.

2. How is OSPF cost calculated by default?

It’s based on bandwidth using a reference bandwidth divided by interface bandwidth.

3. Can I manually change the OSPF metric?

Yes—using commands like ip ospf cost.

4. Why do gigabit links show the same cost as 10-gigabit links?

Because the default reference bandwidth is outdated and must be increased.

5. Does OSPF support load balancing using metrics?

Yes—when costs are equal, OSPF uses equal-cost multipath (ECMP).

6. Are OSPF metrics the same across all router vendors?

No—different vendors use different defaults.

Rapid Spanning Tree Protocol (RSTP)

Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) is an evolution of the original STP that dramatically reduces network convergence time from 30-50 seconds to under 6 seconds.

This faster recovery is critical for modern networks where downtime must be minimized.

Key Improvements Over STP

Port States: RSTP simplifies five states (Disabled, Blocking, Listening, Learning, Forwarding) into three:

  • Discarding: Blocks traffic (replaces Disabled, Blocking, Listening)
  • Learning: Learns MAC addresses but doesn't forward
  • Forwarding: Fully operational

Port Roles: RSTP introduces new roles:

  • Root Port: Best path to root bridge
  • Designated Port: Forwards traffic on segment
  • Alternate Port: Backup to root port (instant failover)
  • Backup Port: Backup to designated port
  • Edge Port: Connects to end devices (PortFast equivalent)

Proposal/Agreement Handshake: RSTP uses active negotiation between switches instead of passive timer-based convergence, enabling rapid topology changes.

Practical Example

Consider this network topology:

         [Switch A - Root]
         Priority: 4096
            /        \
       Cost:4      Cost:4
          /            \
    [Switch B]=======[Switch C]
     Cost:19 (backup link)

RSTP Port Assignments:

# Switch A (Root Bridge) - All ports Designated
Port Gi0/1 → Switch B: Designated/Forwarding
Port Gi0/2 → Switch C: Designated/Forwarding

# Switch B
Port Gi0/1 → Switch A: Root Port/Forwarding (best path)
Port Gi0/2 → Switch C: Designated/Forwarding

# Switch C  
Port Gi0/1 → Switch A: Root Port/Forwarding (best path)
Port Gi0/2 → Switch B: Alternate Port/Discarding (backup)

Failover Scenario:

If the link between Switch A and Switch C fails:

# Traditional STP: 30-50 seconds
1. Detect failure (20 sec - MaxAge timer)
2. Listening state (15 sec)
3. Learning state (15 sec)
4. Forwarding state
Total: ~50 seconds downtime

# RSTP: Under 6 seconds
1. Detect failure (immediate)
2. Switch C's Alternate Port (Gi0/2) immediately transitions
3. Proposal/Agreement with Switch B (milliseconds)
4. Port enters Forwarding state
Total: 1-6 seconds downtime

Configuration Example

# Enable RSTP
Switch(config)# spanning-tree mode rapid-pvst

# Configure edge ports (end devices)
Switch(config)# interface range fa0/1-24
Switch(config-if-range)# spanning-tree portfast
Switch(config-if-range)# exit

# Verify RSTP operation
Switch# show spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: VLAN0001
PortFast Default: disabled

Benefits

  • Fast convergence: Sub-second failover for critical links
  • Backward compatible: Works with legacy STP switches
  • Efficient: Active negotiation vs. passive timers
  • Better redundancy: Alternate/Backup ports pre-calculated

RSTP is the modern standard for loop prevention, providing enterprise-grade reliability with minimal disruption during topology changes.

Spanning Tree Protocol (STP)

Spanning Tree Protocol (STP) is a network protocol that prevents loops in Ethernet networks with redundant paths. 

When switches are connected in a mesh topology for redundancy, data packets can circulate infinitely, causing broadcast storms that crash the network. 

STP solves this by creating a loop-free logical topology.

How STP Works

STP automatically identifies and blocks redundant paths while keeping them as backup routes. It does this by:

  1. Electing a Root Bridge: All switches exchange Bridge Protocol Data Units (BPDUs). The switch with the lowest Bridge ID becomes the root bridge—the reference point for the spanning tree.

  2. Calculating Path Costs: Each switch calculates the shortest path to the root bridge based on link speeds. Lower cost = better path.

  3. Selecting Port Roles: Ports are assigned roles:

    • Root Port: Best path to root bridge
    • Designated Port: Forwards traffic on a segment
    • Blocked Port: Redundant path, blocks traffic

  4. Blocking Redundant Links: Ports that would create loops enter blocking state, preventing traffic but listening for topology changes.

Practical Example

Imagine three switches connected in a triangle:

        [Switch A - Root Bridge]
           /              \
          /                \
     [Switch B]----------[Switch C]

Port states after STP convergence:

  • Switch A (Root Bridge): All ports are Designated Ports (forwarding)
  • Switch B: Port to A = Root Port (forwarding), Port to C = Designated Port (forwarding)
  • Switch C: Port to A = Root Port (forwarding), Port to B = BLOCKED (prevents loop)

Without STP, a broadcast from Switch A would travel to B and C, then bounce between B and C indefinitely. With STP, the B-C link is blocked, creating this logical path:

        [Switch A]
           /      \
          /        \
     [Switch B]   [Switch C]

If the A-C link fails, STP detects the topology change (typically within 30-50 seconds), unblocks the B-C port, and traffic reroutes through B. Modern variants like Rapid STP (RSTP) converge in under 6 seconds.
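The election and role rules described above can be worked through in code. The following Python sketch is an added example, not part of the original article; it uses the priorities and link costs from the RSTP example earlier on this page, while the MAC addresses of Switch B and Switch C and the function name stp_roles are assumptions, and parallel links between the same two switches are not modelled.

```python
# Bridge ID = (priority, MAC). Priorities follow the RSTP example on this
# page; the MAC addresses for B and C are constructed.
BRIDGES = {
    "A": (4096, "0019.e86a.6f80"),
    "B": (32768, "0019.e86a.7000"),
    "C": (32768, "0019.e86a.7100"),
}
# (switch, port, switch, port, link cost)
LINKS = [
    ("A", "Gi0/1", "B", "Gi0/1", 4),
    ("A", "Gi0/2", "C", "Gi0/1", 4),
    ("B", "Gi0/2", "C", "Gi0/2", 19),
]

def stp_roles(bridges, links):
    """Return (root, {(switch, port): role}) for a converged topology."""
    root = min(bridges, key=bridges.get)      # lowest Bridge ID becomes root
    # Root path cost of every switch (repeated relaxation until stable).
    rpc = {name: float("inf") for name in bridges}
    rpc[root] = 0
    for _ in bridges:
        for a, _pa, b, _pb, cost in links:
            rpc[a] = min(rpc[a], rpc[b] + cost)
            rpc[b] = min(rpc[b], rpc[a] + cost)

    roles = {}
    # Root port: the port with the lowest cost to the root; a tie goes to
    # the neighbour with the lower Bridge ID.
    for name in bridges:
        offers = []
        for a, pa, b, pb, cost in links:
            if a == name:
                offers.append((rpc[b] + cost, bridges[b], pa))
            elif b == name:
                offers.append((rpc[a] + cost, bridges[a], pb))
        if name != root and offers:
            roles[(name, min(offers)[2])] = "root"
    # Per segment: the end closer to the root (tie: lower Bridge ID) is
    # designated; the other end blocks unless it is already a root port.
    for a, pa, b, pb, _cost in links:
        ends = sorted([(rpc[a], bridges[a], a, pa), (rpc[b], bridges[b], b, pb)])
        roles[(ends[0][2], ends[0][3])] = "designated"
        roles.setdefault((ends[1][2], ends[1][3]), "blocked")
    return root, roles

if __name__ == "__main__":
    print(stp_roles(BRIDGES, LINKS))
    # Same topology after the A-C link fails:
    print(stp_roles(BRIDGES, [l for l in LINKS if (l[0], l[2]) != ("A", "C")]))
```

Running it a second time without the A-C link shows Switch C's port towards B changing from blocked to root port, which is the failover the paragraph above describes.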

Key Benefits

  • Prevents broadcast storms and network meltdowns
  • Provides redundancy through automatic failover
  • Works automatically without manual configuration

STP is fundamental to enterprise networks, ensuring reliability while maintaining redundant connections for fault tolerance.

STP Configuration Examples

Here are practical configuration examples for enabling and configuring Spanning Tree Protocol on Cisco switches:

Basic STP Configuration

# Enter global configuration mode
Switch> enable
Switch# configure terminal

# Enable Spanning Tree (enabled by default on Cisco)
Switch(config)# spanning-tree mode pvst
# Options: pvst (Per-VLAN STP), rapid-pvst, mst

# Set bridge priority to influence root bridge election
# Lower priority = more likely to become root (default: 32768)
Switch(config)# spanning-tree vlan 1 priority 4096
# Priority must be in increments of 4096 (0-61440)

# Or use shortcut to make this switch root
Switch(config)# spanning-tree vlan 1 root primary

# Configure port cost (influences path selection)
Switch(config)# interface gigabitEthernet 0/1
Switch(config-if)# spanning-tree cost 4
Switch(config-if)# exit

# Configure port priority (lower = preferred)
Switch(config)# interface gigabitEthernet 0/2
Switch(config-if)# spanning-tree port-priority 64
Switch(config-if)# exit

Rapid STP (RSTP) Configuration

# Enable Rapid Per-VLAN Spanning Tree
Switch(config)# spanning-tree mode rapid-pvst

# Configure PortFast for access ports (skips listening/learning)
Switch(config)# interface fastEthernet 0/5
Switch(config-if)# spanning-tree portfast
Switch(config-if)# exit

# Enable BPDU Guard (shuts port if BPDU received)
Switch(config)# interface fastEthernet 0/5
Switch(config-if)# spanning-tree bpduguard enable
Switch(config-if)# exit

Verification Commands

# View spanning tree status
Switch# show spanning-tree

# View STP for specific VLAN
Switch# show spanning-tree vlan 1

# View brief summary
Switch# show spanning-tree summary

# View root bridge information
Switch# show spanning-tree root

# View interface STP details
Switch# show spanning-tree interface gigabitEthernet 0/1

# View STP topology changes
Switch# show spanning-tree detail

Sample Output

Switch# show spanning-tree vlan 1

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    4097
             Address     0019.e86a.6f80
             This bridge is the root
             
  Bridge ID  Priority    4097
             Address     0019.e86a.6f80
             
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- ----
Gi0/1            Desg FWD 4         128.1    P2p
Gi0/2            Desg FWD 4         128.2    P2p

Key Status Codes:

  • FWD = Forwarding
  • BLK = Blocking
  • LRN = Learning
  • LIS = Listening

These configurations ensure your network has loop prevention while maintaining redundancy!

Layer 3 Forwarding in Network Switches

Layer 3 forwarding enables switches to route IP packets between different VLANs and subnets, combining traditional switching with routing capabilities. 

Layer 3 switches make forwarding decisions based on IP addresses rather than MAC addresses, providing faster inter-VLAN routing than external routers.

Key Characteristics

Layer 3 forwarding features include:

  • IP routing: Routes packets between different subnets/VLANs
  • Hardware-based: Uses ASICs for wire-speed routing
  • SVI (Switched Virtual Interfaces): Virtual interfaces for each VLAN
  • Routing protocols: Supports OSPF, EIGRP, BGP, and static routing

How Layer 3 Forwarding Works

The switch examines the destination IP address in the packet header, consults its routing table, and forwards the packet to the appropriate interface or VLAN. This process happens in hardware at line rate, making it much faster than traditional router-on-a-stick configurations.

Configuration Examples

Basic Inter-VLAN Routing

! Enable IP routing globally
Switch(config)# ip routing

! Create VLAN 10
Switch(config)# vlan 10
Switch(config-vlan)# name Sales
Switch(config-vlan)# exit

! Create VLAN 20
Switch(config)# vlan 20
Switch(config-vlan)# name Engineering
Switch(config-vlan)# exit

! Configure SVI for VLAN 10
Switch(config)# interface vlan 10
Switch(config-if)# ip address 192.168.10.1 255.255.255.0
Switch(config-if)# no shutdown
Switch(config-if)# exit

! Configure SVI for VLAN 20
Switch(config)# interface vlan 20
Switch(config-if)# ip address 192.168.20.1 255.255.255.0
Switch(config-if)# no shutdown
Switch(config-if)# exit

Static Routing Configuration

! Add static route to remote network
Switch(config)# ip route 10.0.0.0 255.255.255.0 192.168.100.1

! Default route for internet access
Switch(config)# ip route 0.0.0.0 0.0.0.0 203.0.113.1

Dynamic Routing with OSPF

! Enable OSPF routing
Switch(config)# router ospf 1
Switch(config-router)# router-id 1.1.1.1
Switch(config-router)# network 192.168.10.0 0.0.0.255 area 0
Switch(config-router)# network 192.168.20.0 0.0.0.255 area 0
Switch(config-router)# exit

Layer 3 Physical Interface

! Configure routed port (no switching)
Switch(config)# interface GigabitEthernet0/1
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.1.1.1 255.255.255.252
Switch(config-if)# no shutdown
Switch(config-if)# exit

Verification Commands

! Display routing table
Switch# show ip route

! Show interface IP configuration
Switch# show ip interface brief

! Verify routing protocols
Switch# show ip protocols

! Check CEF (Cisco Express Forwarding)
Switch# show ip cef

! Display ARP table
Switch# show ip arp

Common Use Cases

Layer 3 forwarding excels in:

  • Campus networks: Fast inter-VLAN routing in building distributions
  • Data centers: High-speed routing between server VLANs
  • Collapsed core designs: Combining routing and switching functions
  • Reducing latency: Hardware-based routing eliminates router bottlenecks

Best Practices

Use SVIs for VLAN routing and routed ports for WAN connections. Enable CEF for optimal performance. Implement routing protocols carefully to avoid loops. Always configure appropriate access lists for security between VLANs.

Trunk Ports in Layer 2 Switching

Trunk ports are switch ports configured to carry traffic for multiple VLANs simultaneously. 

They use VLAN tagging protocols to identify which VLAN each frame belongs to, making them essential for inter-switch communications and connecting to routers or servers that need access to multiple VLANs.

Key Characteristics

Trunk ports have these defining features:

  • Multiple VLAN support: Carry traffic for many VLANs on a single link
  • VLAN tagging: Use 802.1Q or ISL protocols to tag frames
  • Switch-to-switch connectivity: Primary method for connecting switches
  • Native VLAN: One VLAN remains untagged for backward compatibility

How Trunk Ports Work

When a frame enters a trunk port, the switch reads the VLAN tag to determine which VLAN it belongs to. Frames are tagged with a 4-byte 802.1Q header containing the VLAN ID. Traffic in the native VLAN (VLAN 1 by default) is sent untagged, while all other VLANs are tagged.

Configuration Examples

Basic Cisco Trunk Configuration

! Enter interface configuration mode
Switch(config)# interface GigabitEthernet0/1

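! Specify trunking protocol (802.1Q) first: switches that also support ISL
! reject "switchport mode trunk" while the encapsulation is still negotiated
Switch(config-if)# switchport trunk encapsulation dot1q

! Set port to trunk mode
Switch(config-if)# switchport mode trunk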

! Set native VLAN (optional, default is VLAN 1)
Switch(config-if)# switchport trunk native vlan 99

! Allow specific VLANs only
Switch(config-if)# switchport trunk allowed vlan 10,20,30,40

! Exit and save
Switch(config-if)# end
Switch# write memory

Advanced Trunk Configuration

! Configure trunk with VLAN pruning
Switch(config)# interface GigabitEthernet0/2

! Encapsulation is set before trunk mode (see the basic example above)
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk

! Allow VLANs 10-50 except 25
Switch(config-if)# switchport trunk allowed vlan 10-24,26-50

! Add VLANs to existing allowed list
Switch(config-if)# switchport trunk allowed vlan add 60,70

! Remove VLANs from allowed list
Switch(config-if)# switchport trunk allowed vlan remove 15

Verification Commands

! Show trunk status and VLANs
Switch# show interfaces trunk

! Detailed trunk information
Switch# show interfaces GigabitEthernet0/1 switchport

! Show native VLAN mismatches
Switch# show spanning-tree inconsistentports

Common Use Cases

Trunk ports are essential for:

  • Inter-switch links: Connecting multiple switches in a network
  • Router connections: Connecting to router subinterfaces for inter-VLAN routing
  • Virtualization servers: Connecting ESXi or Hyper-V hosts needing multiple VLANs
  • Wireless controllers: Distributing multiple SSIDs across VLANs

Best Practices

Always manually configure trunk ports rather than using DTP (Dynamic Trunking Protocol). Change the native VLAN from default VLAN 1 for security. Explicitly define allowed VLANs to reduce unnecessary broadcast traffic. Match native VLANs on both ends of trunk links to avoid connectivity issues.

Security Considerations

Disable DTP with switchport nonegotiate to prevent VLAN hopping attacks. Avoid using VLAN 1 as the native VLAN, and never allow all VLANs on trunks unnecessarily.

Access Ports

Access ports are switch ports configured to carry traffic for a single VLAN. They're the most common port type used to connect end devices like computers, printers, phones, and servers to a network switch.

Key Characteristics

Access ports operate at Layer 2 of the OSI model and have these defining features:

  • Single VLAN membership: Each access port belongs to only one VLAN
  • Untagged traffic: Frames leaving the port have no VLAN tag (the switch strips it)
  • End device connectivity: Designed for devices that don't understand VLAN tagging
  • Simple configuration: Minimal setup required compared to trunk ports

How Access Ports Work

When a frame arrives at an access port from a connected device, the switch adds the configured VLAN tag internally. When sending frames out an access port, the switch removes the VLAN tag, so the end device receives untagged Ethernet frames. This transparent operation allows devices to communicate within their VLAN without VLAN awareness.

Configuration Examples

Cisco IOS Configuration

! Enter interface configuration mode
Switch(config)# interface FastEthernet0/1

! Set port to access mode
Switch(config-if)# switchport mode access

! Assign to VLAN 10
Switch(config-if)# switchport access vlan 10

! Optional: Enable PortFast for faster connectivity
Switch(config-if)# spanning-tree portfast

! Exit and save
Switch(config-if)# end
Switch# write memory

Multiple Port Configuration

! Configure multiple ports simultaneously
Switch(config)# interface range FastEthernet0/1-24

Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 20
Switch(config-if-range)# spanning-tree portfast
Switch(config-if-range)# exit

Verification Commands

! Show interface switchport status
Switch# show interfaces FastEthernet0/1 switchport

! Display VLAN assignments
Switch# show vlan brief

! Check interface status
Switch# show interfaces status

Common Use Cases

Access ports are ideal for:

  • Connecting user workstations to departmental VLANs
  • Isolating guest WiFi access points
  • Segmenting IP phones onto voice VLANs
  • Connecting printers to management VLANs
  • Securing server connections to specific VLANs

Best Practices

Always explicitly configure ports as access ports rather than relying on defaults. Disable unused ports and assign them to an unused VLAN for security. Use PortFast on access ports to reduce convergence time, but never on ports connected to other switches.
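One way to check a saved configuration against the trunk recommendations (Best Practices and Security Considerations under Trunk Ports) and the access-port recommendations above: DTP disabled, a native VLAN other than 1, an explicit allowed-VLAN list, an explicitly set port mode, and no PortFast on trunks. This Python sketch is an added example, not part of the original article; the sample configuration is constructed, and the function names and finding texts are assumptions.

```python
# Constructed sample configuration (IOS-style, one leading space per stanza line).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
 switchport nonegotiate
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30,40
!
interface FastEthernet0/1
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport access vlan 20
!
interface GigabitEthernet0/3
 no switchport
 ip address 10.1.1.1 255.255.255.252
"""

def parse_interfaces(config_text):
    """Split IOS-style configuration text into {interface name: [stanza lines]}."""
    interfaces, current = {}, None
    for raw in config_text.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            interfaces[current] = []
        elif current is not None and raw[:1] == " " and raw.strip():
            interfaces[current].append(raw.strip())
        else:
            current = None        # "!" or any top-level line ends the stanza
    return interfaces

def audit_interface(lines):
    """Return the list of findings for one interface stanza."""
    if "no switchport" in lines:
        return []                 # routed port: Layer 2 checks do not apply
    findings = []
    mode = next((ln[len("switchport mode "):] for ln in lines
                 if ln.startswith("switchport mode ")), None)
    if mode is None:
        findings.append("switchport mode not set explicitly")
    elif mode.startswith("dynamic"):
        findings.append("DTP dynamic mode instead of manual trunk/access")
    if mode == "trunk":
        if "switchport nonegotiate" not in lines:
            findings.append("DTP not disabled (switchport nonegotiate missing)")
        native = next((ln.split()[-1] for ln in lines
                       if ln.startswith("switchport trunk native vlan ")), "1")
        if native == "1":
            findings.append("native VLAN is 1")
        if not any(ln.startswith("switchport trunk allowed vlan ") for ln in lines):
            findings.append("no explicit allowed-VLAN list")
        if any(ln.startswith("spanning-tree portfast") for ln in lines):
            findings.append("PortFast configured on a trunk")
    return findings

def audit_config(config_text):
    """Return {interface: findings} for interfaces with at least one finding."""
    audited = {n: audit_interface(s) for n, s in parse_interfaces(config_text).items()}
    return {name: found for name, found in audited.items() if found}
```

Calling audit_config(SAMPLE_CONFIG) reports GigabitEthernet0/1 (three trunk findings) and FastEthernet0/2 (mode left at its default), and passes the hardened trunk, the explicit access port and the routed port.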