Networking/Computing Tips/Tricks

Rate this content:
5 of 5 - 2 votes
Thank you for rating this article.
Check out these additional Routing Resources:
Our IP Routing course at Udemy Our Custom Profiles for Wireshark Classes at the Online School

In a recent course on IPv6, one of my students asked what the “network” command did as we were beginning to study the routing commands used in Cisco IOS when configuring OSPF. In attempting to answer the question, I was asked a second question that challenged my explanation. I have been asked this question before, and it was obvious to me that there are some misunderstandings as to what exactly this command means.

First, in IPv6, there is no network command that does what the network command does in OSPF and BGP for IPv4.  In OSPFv3 (the OSPF for IPv6) the network command is used to identify the type of interface.  You can read more here.  Further, this article does not discuss allowing networks to be advertised or not advertised between OSPF areas.  That is done with the 'area range' command. You can read more about that here.

The 'network' command is used in OSPFv2 (for IPv4 routing).  This article fully explains and illustrates what this “network” command does and does not do, and I hope this clarification is helpful to others as well.

Let’s begin with a definition, in my own words as to what the network command is. The command is used to identify which interface address on the router being configured will be included within the OSPF process and to what area the interface will be assigned to. Think of it as an ‘allow’ command - allow this network to be advertised.

The correct usage of the network command is vital for the operation of the OSPF network. The full command is:

network ip-address wildcard-mask area area-id

Often the wildcard-mask is a stumbling point of configuration as it is written the opposite, or inverse, of common subnet mask notation. For example, the subnet mask would be identified with a wildcard-mask of In this wildcard-mask the zero’s mean that portion of the address must match, and the one’s mean any match.

The area-id portion of the command is used to assign an interface (and the network it represents) into a specific OSPF area; OSPF areas are used to provide a two level hierarchy to the routing network.

When enabling the routing protocol OSPF there is a minimum set of commands that I always use (the following example is for OSPFv2, IPv4 networking):

configure terminal
router ospf 1
network area 0

Based on the explanation above, we would read the network command as “allow network anything (all the bits are wildcard-mask) to be advertised as belonging to area 0”.

I have created a simple little network topology to demonstrate this configuration. Note the Routers in the topology are connected with interfaces that use subnetworks in the 192.168.something addressing space and 172.16.something address space, and they have loop back addresses configured as or or addresses, with each of those being 32 bit masked addresses.


I will begin by adding the simplest OSPF configuration from above to get OSPF routing working:


If I look at any of the routing tables, we can see that all nodes are receiving all the configured routes:


This is because any configured interface address on any of the routers is being “allowed” to be advertised. For some networks this may not be acceptable. For example, if there is a management interface on our network, we may not want to advertise those interfaces. So, first let’s simply add a 10.something 32 bit look back address to each of the routers:


If we look again at the routing tables, all these addresses are showing up. So now, let’s change the network commands to allow the or or and the 192.168.1.anything and the 172.16.anything addresses, but not allows the 10.anything addresses. To do this we must, under the OSPF process, first negate the prior network command that allows any address, and add network commands as follows (on Router 1):

no network area 0
network area 0
network area 0
network area 0

The first command negates the prior network command.
The second command allows the loopback address
The third command allows the 192.168.1.anything networks to be advertised
The fourth command allows the 172.16.anything networks to be advertised, but critically since the 10.anything networks are not being allowed they will not be advertised.


The resulting routing tables now do not show any 10.anything addresses from other routers. The only one present will be that of the locally configured address:


With all of that understood, and the fact we stated that there is no network command as such in OSPFv3 at the beginning of the article, how do you not advertise certain routes in and IPv6 network?  The answer is that you need to understand OSPFv3 configuration, and you would simply leave off the interface association to the OSPF process.  You can read more in an article I have written for that here.

I think this clearly illustrates the network command meaning. The same applies to using the network command in other protocols such as BGP.

Comments?  Questions?  Thoughts?

I hope you find this article and its content helpful.  Comments are welcomed below.  If you would like to see more articles like this, please support us by clicking the patron link where you will receive free bonus access to courses and more, or simply buying us a cup of coffee!, and all comments are welcome! 


Add comment


Did you learn something?
Did I save you time? 

Buy me a coffeeBuy me a coffee!

Find by Tag

5G Networks 6LoWLAN 6LoWPAN 802.11 802.11ah 802.11ax 802.11ay 802.11az ACL Addressing Analysis Ansible Architecture ARP Assessment AToM Backup Bandwidth BGP Bibliography Biography Briefings CBRS CellStream Cellular Central Office Cheat Sheet Chrome Cisco Clock Cloud Computer Consulting CPI Data Center Data Networking Decryption DHCPv4 DHCPv6 Display Filter DNS Documentation ECMP EIGRP Ethernet Flipping the Certification Model Follow Me Fragmentation Git GNS3 Google GQUIC Hands-On History Home Network HTTPS ICMP ICMPv6 IEEE 802.11p IEEE 802.15.4 In A Day Internet IOS Classic IoT IPv4 IPv6 L2 Switch L2VPN L3VPN LDP Learning Services Linux LLN Logging LoL M-BGP MAC MAC OSx Macro Microsoft mininet Monitoring Monitor Mode MPLS Multicast Name Resolution Netflow NetMon netsh Networking Network Science nmap Npcap nslookup Online Learning Online School OpenFlow OSPF OSPFv2 OSPFv3 OSX Parrot Passwords pcap pcap-ng PIM Ping Policy Port Mirror POTS POTS to Pipes PPP Profile Profiles Programming Project Management Python QoS QUIC Requirements RFC RIP Routing RPL RSVP SAS SDN Security Self Certification Service Provider Small Business Smartport SONET Span Port SSH SSL Subnetting T-Shark TCP TCP/IP Telco Telecom 101 Telecommunications Telnet Terminal TLS Tools Traceroute Traffic Analysis Traffic Engineering Training Travel Troubleshooting Tunnel Utility Video Virtualbox Virtualization Voice VoIP VXLAN Webex Wi-Fi Wi-Fi 4 Wi-Fi 5 Wi-Fi 6 Wi-Fi 6/6E Windows Wireless Wireless 5G Wireshark Wireshark Tip WLAN ZigBee Zoom

Twitter Feed