Networking/Computing Tips/Tricks

In a recent course on IPv6, one of my students asked what the “network” command did as we were beginning to study the routing commands used in Cisco IOS when configuring OSPF. In attempting to answer the question, I was asked a second question that challenged my explanation. I have been asked this question before, and it was obvious to me that there are some misunderstandings as to what exactly this command means.

First, in IPv6, there is no network command that does what the network command does in OSPF and BGP for IPv4.  In OSPFv3 (the OSPF for IPv6) the network command is used to identify the type of interface.  You can read more here.  Further, this article does not discuss allowing networks to be advertised or not advertised between OSPF areas.  That is done with the 'area range' command. You can read more about that here.

The 'network' command is used in OSPFv2 (for IPv4 routing).  This article fully explains and illustrates what this “network” command does and does not do, and I hope this clarification is helpful to others as well.

Let’s begin with a definition, in my own words as to what the network command is. The command is used to identify which interface address on the router being configured will be included within the OSPF process and to what area the interface will be assigned to. Think of it as an ‘allow’ command - allow this network to be advertised.

The correct usage of the network command is vital for the operation of the OSPF network. The full command is:

network ip-address wildcard-mask area area-id

Often the wildcard-mask is a stumbling point of configuration as it is written the opposite, or inverse, of common subnet mask notation. For example, the subnet mask 255.255.255.0 would be identified with a wildcard-mask of 0.0.0.255. In this wildcard-mask the zero’s mean that portion of the address must match, and the one’s mean any match.

The area-id portion of the command is used to assign an interface (and the network it represents) into a specific OSPF area; OSPF areas are used to provide a two level hierarchy to the routing network.

When enabling the routing protocol OSPF there is a minimum set of commands that I always use (the following example is for OSPFv2, IPv4 networking):

configure terminal
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
end

Based on the explanation above, we would read the network command as “allow network anything (all the bits are wildcard-mask) to be advertised as belonging to area 0”.

I have created a simple little network topology to demonstrate this configuration. Note the Routers in the topology are connected with interfaces that use subnetworks in the 192.168.something addressing space and 172.16.something address space, and they have loop back addresses configured as 1.1.1.1 or 2.2.2.2 or 3.3.3.3 addresses, with each of those being 32 bit masked addresses.

networkcmd1 

I will begin by adding the simplest OSPF configuration from above to get OSPF routing working:

 networkcmd2

If I look at any of the routing tables, we can see that all nodes are receiving all the configured routes:

 networkcmd3

This is because any configured interface address on any of the routers is being “allowed” to be advertised. For some networks this may not be acceptable. For example, if there is a management interface on our network, we may not want to advertise those interfaces. So, first let’s simply add a 10.something 32 bit look back address to each of the routers:

 networkcmd4

If we look again at the routing tables, all these addresses are showing up. So now, let’s change the network commands to allow the 1.1.1.1 or 2.2.2.2 or 3.3.3.3 and the 192.168.1.anything and the 172.16.anything addresses, but not allows the 10.anything addresses. To do this we must, under the OSPF process, first negate the prior network command that allows any address, and add network commands as follows (on Router 1):

no network 0.0.0.0 255.255.255.255 area 0
network 1.1.1.1 0.0.0.0 area 0
network 192.168.1.0 0.0.0.255 area 0
network 172.16.0.0 0.0.255.255 area 0

The first command negates the prior network command.
The second command allows the loopback address 1.1.1.1
The third command allows the 192.168.1.anything networks to be advertised
The fourth command allows the 172.16.anything networks to be advertised, but critically since the 10.anything networks are not being allowed they will not be advertised.

 networkcmd5

The resulting routing tables now do not show any 10.anything addresses from other routers. The only one present will be that of the locally configured address:

 networkcmd6

With all of that understood, and the fact we stated that there is no network command as such in OSPFv3 at the beginning of the article, how do you not advertise certain routes in and IPv6 network?  The answer is that you need to understand OSPFv3 configuration, and you would simply leave off the interface association to the OSPF process.  You can read more in an article I have written for that here.

I think this clearly illustrates the network command meaning. The same applies to using the network command in other protocols such as BGP.

Comments?  Questions?  Thoughts?

 

Subscribe to our Newsletter!

Our Tag Cloud

4G Networks 6LoWLAN 6LoWPAN 802.11 802.11ah 802.11ax 802.11ay 802.11az Addressing Airlines Analysis Ansible Apple Architecture ARP ATM AToM Bandwidth BGP Billing Bloom's Taxonomy Briefings Cable CellStream Cellular Central Office Cheat Sheet Cisco Click Model Cloud Computer Consulting Crowd Funding Data Center Data Networking Decryption DHCPv6 dig DNS Documentation Early Adopter Ethernet Ethics Filter G-MPLS GNS3 Google Hands-On Hiring History Home Network HTTPS ICMP ICMPv6 IEEE 802.11p IEEE 802.15.4 Internet IoT IPv4 IPv6 IS-IS L2VPN L3VPN LDP Linux LLN M-BGP MAC Macro Management mergecap Microsoft mininet Monitoring MPLS Multicast Netcat NetMon netsh Networking News nmap NMS nslookup Online School OpenFlow OSPF OSPFv2 OSPFv3 OSX OTT Personnel Policy POTS POTS to Pipes PPP Privacy Profile Project Management PW3E QoS Remote Desktop Requirements RIP Routig Routing RPL RSVP Rural Scanning SDN Security Sensor Service Provider Small Business SONET Spam Speed SS7 SSL Subnetting T-Shark TCP TCP/IP Technology Telco Telecom 101 Telecommunications Terminal TLS Tools TR-069 Traffic Engineering Training TRANSUM Travel Tunnel Ubuntu Utility Video Virtualization VoIP VRF Wi-Fi Windows Wireless Wireless 5G Wireshark WLAN ZigBee

Our Twitter Feed

SiteLock