Get Full Access to our 707 Cisco Lessons Now Start $1 Trial
You are here: Home » OSPF

How to configure OSPF Virtual Link

If you studied Cisco’s CCNA you have learned that when you use OSPF all the areas have to be directly connected to the backbone area. Is this really true? Areas have to be connected to the backbone area but if they aren’t we can fix it with a virtual link.

If you studied Cisco's CCNA you have learned that when you use OSPF all the areas have to be directly connected to the backbone area. Is this really true? Areas have to be connected to the backbone area but if they aren't we can fix it with a virtual link. Let me show you an example: Look at my pict

Let me show you an example:

ospf discontinuous area

Look at my picture above. We have three areas and on the left side is area 0. Area 2 is behind area 1. Normally this is not going to work since area 2 has to be directly connected to area 0. We can make this work by using a virtual link. By using a virtual link we can extend area 0 through area 1 so area 2 will be “directly connected” to area 0. Let’s take a look at how a virtual link can solve this problem:

ospf virtual link

This is basically how a virtual link works. It’s like a tunnel through area 1 to reach area 2. This way area 2 will be directly connected. Now let me show you how to configure a virtual link:

ospf virtual link topology

In the example above area 2 is not directly connected to area 0 so we’ll have to use a virtual link between routers R1 and R2, here’s how we do it:

R1(config)#router ospf 1
R1(config-router)#network 1.1.1.0 0.0.0.255 area 0
R1(config-router)#network 192.168.12.0 0.0.0.255 area 1 
R2(config)#router ospf 1
R2(config-router)#network 192.168.12.0 0.0.0.255 area 1
R2(config-router)#network 192.168.23.0 0.0.0.255 area 2
R3(config)#router ospf 1
R3(config-router)#network 192.168.23.0 0.0.0.255 area 2

I’ll start with a default OSPF configuration.

R1(config)#router ospf 1
R1(config-router)#area 1 virtual-link 192.168.23.2
R2(config)#router ospf 1
R2(config-router)#area 1 virtual-link 1.1.1.1

We configure the virtual-link between ABRs and we use the area virtual-link command. First you need to specify the area 1 where we need the virtual-link which is area 1 in my example. Second step is to configure the OSPF router ID of the other ABR. Keep this in mind…you need to configure the OSPF router ID and NOT the IP address of the ABR. If everything is OK area 2 will have be directly connected to area 0 through our virtual-link.

R1# %OSPF-5-ADJCHG  Process 1, Nbr 192.168.23.2 on OSPF_VL0 from LOADING to FULL, Loading Done
R2# %OSPF-5-ADJCHG: Process 1, Nbr 1.1.1.1 on OSPF_VL0 from LOADING to FULL, Loading Done

You will see the message above that tells us the virtual link is established.

R1#show ip ospf virtual-links 
Virtual Link OSPF_VL0 to router 192.168.23.2 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 1, via interface FastEthernet0/0, Cost of using 1
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:06
    Adjacency State FULL (Hello suppressed)
    Index 1/2, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec
R2#show ip ospf virtual-links 
Virtual Link OSPF_VL0 to router 1.1.1.1 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 1, via interface FastEthernet0/0, Cost of using 1
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:05
    Adjacency State FULL (Hello suppressed)
    Index 1/3, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec

You can use the show ip ospf virtual-links command to check if your virtual-link is working.

R1#show ip ospf database 

            OSPF Router with ID (1.1.1.1) (Process ID 1)

		Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         189         0x80000004 0x00E333 2
192.168.23.2    192.168.23.2    1     (DNA) 0x80000002 0x009816 1
R2#show ip ospf database 

            OSPF Router with ID (192.168.23.2) (Process ID 1)

		Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         1     (DNA) 0x80000004 0x00E333 2
192.168.23.2    192.168.23.2    159         0x80000002 0x009816 1

If you look at the LSDB you will see that the virtual-link shows up as a type 1 router LSA. You can also see DNA which means do not age.

Configurations

Want to take a look for yourself? Here you will find the final configuration of each device.

R2

hostname R2
!
interface FastEthernet0/0
 ip address 192.168.12.2 255.255.255.0
!
interface FastEthernet1/0
 ip address 192.168.23.2 255.255.255.0
!
router ospf 1
 area 1 virtual-link 1.1.1.1
 network 192.168.12.0 0.0.0.255 area 1
 network 192.168.23.0 0.0.0.255 area 2
!
end

R1

hostname R1
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
!
router ospf 1
 area 1 virtual-link 192.168.23.2
 network 1.1.1.0 0.0.0.255 area 0
 network 192.168.12.0 0.0.0.255 area 1
!
end

R3

hostname R3
!
interface FastEthernet0/0
 ip address 192.168.23.3 255.255.255.0
!
router ospf 1
 network 192.168.23.0 0.0.0.255 area 2
!
end


Any other situation where we need a virtual-link? What about a discontinuous backbone area? Let me show you an example:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You’ve Ever Spent on Your Cisco Career!
  • Full Access to our 707 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)
Give Membership a try - it's just $1 ►

477 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Forum Replies

  1. Hello Stuart.

    Here is the diagram that Rene has in his lesson:

    //cdn-forum.networklessons.com/uploads/default/original/1X/7c5c0badd9511411a37f8e6335b9a3aeed8e925b.png

    A virtual link has been created between the L0 interface of R1 and the Fa1/0 interface of R2.

    The OSPF packets between the two ends of the virtual link are not multicast packets. (Note the two ends of the virtual link are the L0 interface of R1 and the Fa1/0 interface of R2). LSAs that are sent over the virtual link are actually tunnelled packets between 192.168.23.2 and 1.1.1.1, based on the ne

    ... Continue reading in our forum

  2. Hello James

    When implementing the area 1 virtual-link command, we don’t indicate the router on the other end of the virtual link with an IP address of an interface, but with the router ID. Notice that before the virtual link commands are implemented, the following show commands were used to determine the router IDs:

    //cdn-forum.networklessons.com/uploads/default/original/1X/26bd3c0685502036ae0813ba0c3c7b0a2071eb00.png

    It is these two router IDs that are being used in the subsequent virtual-link commands. Note that initially, the virtual link is down because t

    ... Continue reading in our forum

  3. Hi Laz,
    I think you can’t catch my question…
    Visualize a topology like …

    area0>> Area-1 stub/nssa >> Area-2
    so upon on above scenario the Area-2 have to connect to Area-0 using Virtual link to make the area functioning. Technically Virtual link not possible over the Stub/nssa area why ?? Thx

    br//zaman

  4. Hi Zeko,

    If you enable authentication for virtual links, you have to enable it globally for area 0 and set the password on the virtual link command. Here’s an example:

    R1#show run | begin ospf
router ospf 1
 area 0 authentication
 area 1 virtual-link 2.2.2.2 authentication-key NWL

    Authentication is enabled for area 0, the virtual link goes through area 1 and has the password. You can see it works with this command:

    R1#show ip ospf virtual-links 
Virtual Link OSPF_VL0 to router 192.168.23.2 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 1,
    ... Continue reading in our forum

  5. Hello Sameer

    The virtual link is created between ABRs. The ABRs don’t have to be directly connected, they simply each need at least one interface within the area that needs to be traversed. Take a look at this diagram:

    https://cdn-forum.networklessons.com/uploads/default/original/2X/3/3ef3ebc983a89d7db141a1a5d04db3957f822371.png


    Here we see Area 1 with many routers. Area 1 is the area that has to be traversed by the virtual link. R1 and R2 are ABRs and each have one interface within Area 1. The virtual link is created between R1 and R2. They don’t have to... Continue reading in our forum

65 more replies! Ask a question or join the discussion by visiting our Community Forum

We use cookies to give you the best personal experience on our website. By using our website, you agree to our use of cookies Read more.