OSPF in 12 Minutes — The Mental Model Before the Commands (CCNA)

OSPF is the routing protocol most CCNA candidates fight with the longest. Not because it’s actually hard — it’s because most courses dump 50 commands on you before they explain what OSPF is doing internally. Once you have the story, the commands become trivial.

Here’s the 12-minute version we use in the CCNA Career Track.

The one-line idea

Every OSPF router builds a complete map of the network, runs the same shortest-path algorithm on it, and arrives at the same forwarding decisions independently. No central coordinator. No “one router tells another what to do.” Just everyone sharing the same map and doing the same math.

That’s it. The rest is implementation detail.

The four things every OSPF router does

1. Find neighbors (Hello protocol)

When OSPF starts on an interface, the router sends a multicast Hello packet to 224.0.0.5 every 10 seconds. Other OSPF-enabled routers on the same segment receive it and reply.

Hellos contain: router ID, area ID, hello/dead timers, authentication info, list of known neighbors.

For two routers to become neighbors:

• Same area ID
• Matching hello + dead timers
• Same subnet mask on the connected interface
• Matching authentication (if configured)

If any of these mismatch, neighbors never form. This is bug #1 in CCNA OSPF labs.

2. Build the link-state database (LSDB)

Once neighbors form, they exchange link-state advertisements (LSAs) — small messages describing each router’s links, costs, and neighbors.

A router’s full database is the union of every LSA from every OSPF router in its area. Eventually all routers in the same area have identical LSDBs — they each know about every other router and every link.

This is the “map.” Every router has the same map.

3. Run SPF (Shortest Path First / Dijkstra’s algorithm)

Each router, locally, runs the same shortest-path algorithm on its LSDB to compute the best path to every destination. Because the LSDB is identical across routers, the results are consistent — no loops, no disagreements.

The output is the routing table entries for OSPF-learned prefixes.

4. Forward packets

Each router uses its routing table to forward packets. When a link changes (goes down, cost adjusts), the router that owns the change floods a new LSA, every router updates its LSDB, every router re-runs SPF, and the routing table converges.

In OSPFv2, this typically completes in 1–5 seconds. That’s the “fast convergence” claim.

Why areas

When you only have 5 routers, every router holding a complete LSDB is fine. When you have 5,000 routers, the LSDB gets huge — too big for SPF to run frequently and too noisy to maintain.

Areas are OSPF’s answer. An area is a group of routers that share a complete LSDB for that area. Between areas, only summary information flows — the full detail of one area’s topology doesn’t leak into another.

Three rules to internalize:

1. Every OSPF network has an Area 0 (the backbone).
2. Every other area must connect to Area 0 — usually through a router with one foot in each (the Area Border Router, or ABR).
3. Routers inside an area know that area’s topology in detail; they know other areas only as summaries.

Result: a 5,000-router network with 10 areas of 500 routers each → each router only computes SPF for its own 500-router area, not all 5,000. Massive scale win.

For CCNA, single-area OSPF (everything in area 0) covers the exam. CCNP covers multi-area, NSSAs, virtual links, etc.

Router ID — the OSPF identity

Every OSPF router has a 32-bit Router ID that uniquely identifies it in the protocol. By default:

1. The highest IP on any active loopback interface, or
2. If no loopback, the highest IP on any active interface.

You should always set it explicitly to avoid surprises:

R1(config)# router ospf 1
R1(config-router)# router-id 1.1.1.1

The number after router ospf is the process ID — locally significant only, doesn’t have to match across routers. The router ID does need to be unique across the OSPF domain.

DR and BDR — only matter on broadcast networks

On a multi-access broadcast segment (Ethernet with 5 OSPF routers attached), having every router fully adjacent with every other router = O(N²) adjacencies, which doesn’t scale.

OSPF’s solution: elect a Designated Router (DR) and Backup DR (BDR) per segment. Every other router only forms full adjacency with the DR/BDR. The DR floods LSAs to everyone on the segment.

Election rules:

1. Highest OSPF priority wins (default 1; setting priority 0 removes the router from election entirely).
2. Tie-breaker: highest router ID wins.
3. No preemption — once a DR is elected, a new router showing up doesn’t unseat it.

This matters on Ethernet LANs with multiple routers, which is uncommon in modern designs. On point-to-point links (most WAN, most modern fabric) there’s no DR — both routers are adjacent directly.

Cost — how OSPF picks the best path

OSPF’s metric is cost, derived from interface bandwidth:

cost = reference-bandwidth / interface-bandwidth

Default reference-bandwidth is 100 Mbps. A 100 Mbps interface has cost 1; a 1 Gbps interface has cost 1 (because 100/1000 = 0.1, rounded up to 1).

That’s a problem in 2026 — every interface is gigabit or better, so they all have cost 1 and the metric loses meaning.

Fix: raise the reference-bandwidth on every router in the OSPF domain.

R1(config-router)# auto-cost reference-bandwidth 100000

Now 1G = cost 100, 10G = cost 10, 100G = cost 1. Realistic differentiation.

The minimum config to bring up OSPF

R1(config)# router ospf 1
R1(config-router)# router-id 1.1.1.1
R1(config-router)# network 10.0.0.0 0.0.0.255 area 0
R1(config-router)# network 192.168.10.0 0.0.0.255 area 0
R1(config-router)# auto-cost reference-bandwidth 100000

The network command uses a wildcard mask (inverse of subnet mask). 0.0.0.255 means “match the first 3 octets, ignore the last.” This network statement says “any interface whose IP falls within 10.0.0.0/24 should participate in OSPF area 0.”

The four commands you’ll live in

R1# show ip ospf neighbor
R1# show ip route ospf
R1# show ip ospf interface brief
R1# show ip ospf database

show ip ospf neighbor is the daily driver. If you don’t see the neighbor you expect, OSPF isn’t working — go check the four neighbor-matching criteria.

show ip route ospf shows the OSPF-learned routes in your routing table — the actual output of all the work.

show ip ospf interface brief shows which interfaces are participating, in which area, and (if applicable) the DR/BDR election results.

show ip ospf database shows the LSDB — the map. Useful for advanced troubleshooting.

Common mistakes

1. Mismatched timers — hello 5 / dead 20 on one router, hello 10 / dead 40 on the other. They never form neighbors.
2. Mismatched area — accidentally area 1 on one side, area 0 on the other. Same fate.
3. Mismatched subnet mask — /24 on one side, /30 on the other. Hellos arrive but adjacency fails.
4. Forgetting network for an interface — interface looks up, but OSPF never includes it because no network statement matches.
5. Asymmetric authentication — one side has it, the other doesn’t, or wrong key.

What’s next

• OSPF Single-Area library topic — the full reference with verification, common designs, and lab walkthroughs.
• OSPF Multi-Area (CCNP) — ABRs, LSA types, virtual links.
• Routing Decision Process — how the router actually picks between OSPF-learned routes and other sources.

If 12 minutes of reading was enough to make the idea click, congratulations — that’s the hard part. The commands are 30 minutes of practice, the troubleshooting is 30 hours, and the design judgment is 3 years. We compress those last two in the 1:1 program.