OSPF LSA Throttling

OSPF LSA throttling is a feature that delays the generation of LSAs during network instability. Before LSA throttling, LSA generation was rate-limited to 5 seconds because of the default LSA-wait timer interval. This meant that an LSA could not be propagated in milliseconds and thus OSPF sub-second convergence was impossible.

This feature is very similar to OSPF SPF throttling. The mechanism behind it is exactly the same. It uses three values:

  • lsa-start: the initial wait interval for LSA generation. It is 0 milliseconds which means that the first LSA will be generated immediately.
  • lsa-hold: the minimum hold time interval between two LSA generations. The default value is 5000 milliseconds and it doubles every time the same LSA has to be re-generated.
  • lsa-max: the maximum wait time interval between two LSA generations. The default value is 5000 milliseconds. It is also used to limit the maximum value of the lsa-hold value.

The first LSA that is generated uses the lsa-start timer, so it is generated immediately. If the same LSA has to be re-generated, it will use the lsa-hold value instead. When the LSA has to be generated the third time, the lsa-hold value will double. Each time the LSA is re-generated, the lsa-hold value will double until it reaches the lsa-max value.

An LSA is considered the same if the following three values are the same:

  • LSA ID number
  • LSA type
  • advertising router ID

Let’s look at an example where I use the following values:

  • lsa-start: 5000 milliseconds
  • lsa-hold: 10000 milliseconds
  • lsa-max: 60000 milliseconds

It starts with an event where an LSA should be generated, as indicated by the red arrow. Instead of generating and flooding it right away, we delay the LSA generation with the lsa-start value which is 5000 milliseconds (5 seconds):

lsa throttling start interval

During this time, another event happens and the LSA should be generated again. Once 5000 milliseconds have expired, we finally generate and flood the LSA, as indicated by the purple arrow:

lsa throttling start interval second lsa

The router now sets the wait interval to the lsa-hold value which is 10000 milliseconds (10 seconds). During this time, another LSA should be generated which is postponed until the timer expires. When 10 seconds have elapsed, the LSA is finally generated and flooded:

lsa throttling hold interval

The router now doubles the value of the lsa-hold so now it’s 2x 10000 = 20000 milliseconds (20 seconds). During this time, the network is stable and no LSAs have to be generated:

lsa throttling hold interval double

When another event occurs and an LSA should be generated, the router will now use the lsa-start value again:

lsa throttling start interval second

During this time, another interface flaps which means another LSA has to be generated. Once the lsa-start wait interval has expired, the LSA is generated and flooded:

lsa throttling start interval new lsa

The lsa-hold value doubles again, so now the LSA generation and flooding is delayed for 40 seconds. During this time, the network is stable:

lsa throttling quad lsa hold

When the same LSA doesn’t have to be generated again, we have to wait for the lsa-max value (60000 milliseconds) to expire:

lsa throttling lsa max

Once the lsa-max wait interval has expired, the lsa-hold value is reset to its default value of 10000 milliseconds. If the same LSA has to be generated again, it will be dealt with like the beginning of this example.

Configuration

Let’s see this in action. Here is the topology I will use:

ospf area 0 r1 r2 loopback

We only need two routers. R2 has a loopback interface that I will use to simulate a flapping interface.

Configurations

Want to take a look for yourself? Here you will find the startup configuration of each device.

R1

hostname R1
!
ip cef
!
interface GigabitEthernet0/1
 ip address 192.168.12.1 255.255.255.0
!
router ospf 1
 network 192.168.12.0 0.0.0.255 area 0
!
end

R2

hostname R2
!
ip cef
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface GigabitEthernet0/1
 ip address 192.168.12.2 255.255.255.0
!
router ospf 1
 network 2.2.2.2 0.0.0.0 area 0
 network 192.168.12.0 0.0.0.255 area 0
!
end

To change the LSA throttling timers, we have to use the timers throttle lsa command. First, you need to configure the start-lsa value:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 657 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

521 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags:


Forum Replies

  1. Nice work Rene, just wondering in terms of the default values, the lsa-hold value will never double as the lsa max value is also 5 seconds. So it can never wait longer than 5 seconds before generating a new LSA?

  2. Hello: Why is there a flood sat 35 and 80. I do not see any outstanding LSAs

  3. Hi Ram,

    I understand the confusion, I’ll see if I’ll remove it. The third “flood” arrow is when normally a flood would occur, if an LSA was generated during the 2x LSA hold timer.

    Rene

  4. hello rene, good job , i am just confuse about lsa arrival timers in command (timers lsa arriver) why i need to set it & how reciever router recieve more than one lsa during 10000, & I am alreay set timers lsa throttle 5000 10000 60000 at sender neighbor router which already postpond flooding operation till 10000 lsa hold times expire.
    high appreciated your feedback

  5. Hello Saif

    Yes you are correct, that if you configure the first router in this particular topology with lsa throttle 5000 10000 60000 you will never have a case where you will receive the same LSA within 10000 milliseconds. However, this command is still useful especially if you are connecting your network with that of another entity using OSPF. You don’t have control over what the other side does, and frankly, you have no reason to trust them. So in order to protect your network, you can and should adjust the lsa arrival timer on your end to be safe.

    I hope this has been helpful!

    Laz

4 more replies! Ask a question or join the discussion by visiting our Community Forum