03-06-2006 02:22 AM - edited 03-03-2019 11:57 AM
Hi all,
I wish to know why OSPF is not using any L4 protocol(I know its encapsulated in IP),but see BGP is using TCP, also RIP is using UDP.But why OSPF is encapsulated in IP ?
Thanks,
Vijay
Solved! Go to Solution.
03-06-2006 02:54 AM
Vijay,
1. In Unix-like systems, you need to have a process owned by the root user in order to send out packets which use a L4 protocol other than TCP/UDP - not sure if that is true anymore but that was the case when OSPF was designed.
2. ISIS was designed for routing CLNP (Connectionless mode network protocol) packets, which is a layer 3 protocol with the ISO suite. This provides even more security than IP. Since it's run directly over L2, you cannot route the ISIS protocol packets. Therefore, it's hard to inject malicious packets into a segment from a remote network. The CLNP protocol uses NSAP addresses.
Hope that helps - pls rate the post if it does.
Paresh
03-06-2006 02:32 AM
Hi Vijay,
A good source of this information is John Moy's 'OSPF: Anatomy of an Internet Routing Protocol'
Here's a quick summary:
- OSPF did not require the reliability of TCP. Since link-state routing protocols have reliablity built into their flooding algorithms, the OSPF designers felt that TCP would "just get in the way"
- because it is easy for most users to send UDP packets on Unix-like systems, but the sending of packets directly over IP requires special privileges, it was felt that running it directly over IP would provide OSPF a bit more security.
- the UDP header would also have added another 8 bytes of overhead to OSPF packets
Hope that helps - pls rate the post if it does.
Paresh
03-06-2006 02:49 AM
Hi,
Thanks for your information.
I have two more questions:
1.Can you explain more on the security difference in transmiting IP and UDP/TCP ?
2.Also, ISIS is a Link State Routing protocol, then why it is encapsulated in L2 instead of any L3, I am not sure which L3 supports NSAP address ?
Thanks,
Vijay
03-06-2006 02:54 AM
Vijay,
1. In Unix-like systems, you need to have a process owned by the root user in order to send out packets which use a L4 protocol other than TCP/UDP - not sure if that is true anymore but that was the case when OSPF was designed.
2. ISIS was designed for routing CLNP (Connectionless mode network protocol) packets, which is a layer 3 protocol with the ISO suite. This provides even more security than IP. Since it's run directly over L2, you cannot route the ISIS protocol packets. Therefore, it's hard to inject malicious packets into a segment from a remote network. The CLNP protocol uses NSAP addresses.
Hope that helps - pls rate the post if it does.
Paresh
03-06-2006 02:42 AM
OSPF uses multicast addresses 224.0.0.5 (All OSPF Routers) and 224.0.0.6 (All OSPF DR's & BDR's).
Also to my best knowledge, RIP v1 uses a broadcast address of 255.255.255.255 and v2 uses a multicast address of 224.0.0.9.
As for why it uses IP, I think the term "the best network layer protocol in the world" says it all :D
HTH
Arvind
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: