ospf software configuration guide - microchip...

.ENT-AN1255-4.5

Application NoteOSPF Software Configuration Guide

Released

July 2018

Contents

1 Revision History.................................................................................................................................1

2 Introduction.......................................................................................................................................2

3 OSPF Introduction..............................................................................................................................33.1 AS and Router Types...........................................................................................................................................43.2 OSPF Areas..........................................................................................................................................................43.3 Link-State Packet Types.......................................................................................................................................53.4 DR Election..........................................................................................................................................................5

3.4.1 Neighbor and Adjacency......................................................................................................................6

4 Simple OSPF Configuration................................................................................................................74.1 Enabling OSPF on Routers...................................................................................................................................7

5 Configuring OSPF Router ID.............................................................................................................11

6 OSPF Interface.................................................................................................................................136.1 Configuring OSPF Passive Interface..................................................................................................................136.2 Interface Parameter Tuning..............................................................................................................................15

6.2.1 OSPF Interface Router Priority...........................................................................................................156.2.2 OSPF Interface Cost...........................................................................................................................156.2.3 OSPF Hello Interval and Dead Interval...............................................................................................166.2.4 OSPF Fast Hello Packets.....................................................................................................................176.2.5 OSPF Interface Retransmit Interval....................................................................................................176.2.6 Configuring OSPF Interface Parameters.............................................................................................18

7 OSPF Virtual Links............................................................................................................................207.1 Extend the Backbone Area...............................................................................................................................207.2 Connect Discontiguous Backbone Areas..........................................................................................................207.3 Configuring Virtual Link....................................................................................................................................21

8 OSPF Authentication........................................................................................................................238.1 Configuring Area Authentication......................................................................................................................238.2 Configuring Interface Authentication...............................................................................................................248.3 Configuring Virtual Link Authentication...........................................................................................................26

9 OSPF Stub Areas..............................................................................................................................299.1 Configuring OSPF Stub Areas............................................................................................................................329.2 Configuring NSSA..............................................................................................................................................34

10 OSPF Area Range...........................................................................................................................3710.1 Configuring OSPF Area Range.........................................................................................................................37

11 OSPF Route Redistribution............................................................................................................4011.1 Configuring OSPF Route Redistribution..........................................................................................................40

12 OSPF Stub Router..........................................................................................................................4312.1 Configuring OSPF Stub Router........................................................................................................................43

13 Restarting IP OSPF Process............................................................................................................45

14 OSPF Status....................................................................................................................................4614.1 Viewing General/Area Status..........................................................................................................................46

iiVPPD-04646 ENT-AN1255-4.5 Application Note Revision 1.1

Contents

14.2 Showing Neighbor Status................................................................................................................................4714.3 Viewing Interface Status.................................................................................................................................4814.4 Viewing Route Status......................................................................................................................................5014.5 Viewing OSPF Route Status.............................................................................................................................50

15 OSPF Configuration Examples........................................................................................................5315.1 Single Area (Backbone Area) Example............................................................................................................5315.2 Multiple Area Example...................................................................................................................................53

16 Appendices....................................................................................................................................5516.1 Unsupported List............................................................................................................................................5516.2 Configuration Considerations.........................................................................................................................5516.3 OSPF Commands on Cisco Layer 3 Switch Product (3650/ 3750)...................................................................5516.4 Known Issues..................................................................................................................................................58

16.4.1 Link Metric.......................................................................................................................................5816.4.2 Only the Last Message Digest Key is Applied...................................................................................58

16.5 Frequently Asked Questions...........................................................................................................................5816.5.1 Why does the OSPF Adjacency State Continuously Switch Between 'ExStart' and'Exchange'?.................................................................................................................................................58

iiiVPPD-04646 ENT-AN1255-4.5 Application Note Revision 1.1

Contents

Tables

Table 1 • Limitations...........................................................................................................................................................55Table 2 • OSPF Commands on a Cisco Layer 3 Switch........................................................................................................55Table 3 • OSPF Retransmit Interval Adjustment Suggestion...............................................................................................58

ivVPPD-04646 ENT-AN1255-4.5 Application Note Revision 1.1

Tables

Figures

Figure 1 • AS and Border Router Types................................................................................................................................4Figure 2 • OSPF Link-State Packet Types...............................................................................................................................5Figure 3 • OSPF Adjacency Example.....................................................................................................................................6Figure 4 • Simple Backbone Area Topology..........................................................................................................................7Figure 5 • Configure VLAN....................................................................................................................................................8Figure 6 • Configure IP Address and Enable IP Routing........................................................................................................8Figure 7 • Enable OSPF.........................................................................................................................................................8Figure 8 • Configure OSPF Network Area.............................................................................................................................8Figure 9 • OSPF Router ID Example....................................................................................................................................11Figure 10 • Configure OSPF Router ID................................................................................................................................12Figure 11 • Configure OSPF Passive Interface....................................................................................................................13Figure 12 • Configure OSPF Passive Interface Default Setting............................................................................................14Figure 13 • Configure OSPF Interface Parameters..............................................................................................................18Figure 14 • OSPF Virtual Link Example Topology................................................................................................................20Figure 15 • OSPF Discontiguous Area Example Topology...................................................................................................21Figure 16 • Configure OSPF Virtual Link.............................................................................................................................21Figure 17 • OSPF Area Authentication Topology................................................................................................................23Figure 18 • Configure an OSPF Area Authentication..........................................................................................................23Figure 19 • OSPF Interface Authentication Topology.........................................................................................................24Figure 20 • Configure OSPF Interface Authentication........................................................................................................25Figure 21 • OSPF Virtual Link Topology..............................................................................................................................26Figure 22 • Configure OSPF Virtual Link Authentication....................................................................................................27Figure 23 • OSPF Stub Area Example..................................................................................................................................29Figure 24 • OSPF Totally Stubby Area Example..................................................................................................................30Figure 25 • OSPF NSSA Example Topology.........................................................................................................................31Figure 26 • OSPF Totally NSSA Example Topology..............................................................................................................31Figure 27 • OSPF Stub Area Topology.................................................................................................................................32Figure 28 • Configure OSPF Stub Area................................................................................................................................33Figure 29 • OSPF NSSA Topology........................................................................................................................................34Figure 30 • Configure OSPF Stub Area................................................................................................................................35Figure 31 • Configure OSPF Area Range.............................................................................................................................37Figure 32 • Configure OSPF Area Range.............................................................................................................................38Figure 33 • OSPF Route Redistribution Topology...............................................................................................................40Figure 34 • Configure OSPF Route Redistribution..............................................................................................................42Figure 35 • OSPF Stub Router Topology.............................................................................................................................43Figure 36 • Configure OSPF Stub Router............................................................................................................................44Figure 37 • Clear IP OSPF Process.......................................................................................................................................45Figure 38 • OSPF General Status........................................................................................................................................46Figure 39 • OSPF Area Status..............................................................................................................................................46Figure 40 • OSPF Neighbor Status......................................................................................................................................47Figure 41 • OSPF Neighbor Detail Status............................................................................................................................48Figure 42 • OSPF Interface Status.......................................................................................................................................49Figure 43 • Route Status.....................................................................................................................................................50Figure 44 • OSPF Route Status............................................................................................................................................51Figure 45 • Single Area Example Topology.........................................................................................................................53Figure 46 • Multiple Area Example Topology.....................................................................................................................53

vVPPD-04646 ENT-AN1255-4.5 Application Note Revision 1.1

Figures

1 Revision History

The revision history describes the changes that were implemented in the document. The changes are listedby revision, starting with the most current publication.

Revision 1.1Revision 1.1was published in July 2018 to alignwith the Linux application software release 4.5. The followingis a summary of changes in revision 1.1 of this document.

• The OSPF Stub Areas section was updated with NSSA information. For more information, see OSPF Stub Areas on page 29.

• The Configuring NSSA section was added. For more information, see Configuring NSSA on page 34.

• The OSPF Stub Router section was added. For more information, see OSPF Stub Router on page 43.

• The Viewing General/Area Status section was updated. For more information, see Viewing General/Area Status on page 46.

• The Viewing OSPF Route Status section was added. For more information, see Viewing OSPF Route Status on page 50.

• The Multiple Area Example section was updated. For more information, seeMultiple Area Example on page 53.

Revision 1.0Revision 1.0 was published in June 2018. It was the first publication of this document.

1VPPD-04646 ENT-AN1255-4.5 Application Note Revision 1.1

Revision History

2 Introduction

This document provides examples on how to configure OSPF using the command line interface (CLI) andalso the web interface. The commands are available in the APPL-4.4 SW release package and above.• To use the CLI as themanagement interface, a serial console connection is required between the device

and the management platform. No network connection is required to use the CLI, but a terminalemulator software has to be installed.


Introduction

3 OSPF Introduction

Open shortest path first (OSPF) is a routing protocol for internet protocol (IP) networks. It is an interiorgateway protocol (IGP) developed by the OSPF working group of the internet engineering task force (IETF).RFC 2328 defines OSPF version 2 for IPv4 and RFC 5340 defines OSPF version 3 for IPv6. The current ENTproducts only support OSPF for IPv4.

OSPF is a link-state routing protocol and designed to be run internally within a single autonomous system.Each router maintains a link-state database describing the topology of the autonomous system. From thisdatabase, each router constructs a shortest path first tree (SPF tree), that determines the (lowest cost)routes to different networks.

The implementation utilizes an open-source router called free range router (FRR) that is a fork of theopen-source Quagga router. It supports a variety of routing protocol daemons including BGP, IS-IS, LDP,OSPF, PIM, and RIP. Among these, only OSPF is supported by certain ENT products.

Compared with another routing protocol, routing information protocol (RIP), OSPF has the followingadvantages.• Shortest path first—chooses the best routing path according to route metrics• Bandwidth optimization—less frequent routing updates by divided areas• No 15 hops limit as in RIP• OSPF converges faster than RIP in large networks• Supports routing data authentication• Supports variable-length subnet mask (VLSM)

Before going into the details of various configuration setup, some basic concepts of OSPF networking arenecessary.


OSPF Introduction

3.1 AS and Router TypesThe following illustration shows AS and different router types.

Figure 1 • AS and Border Router Types

• Autonomous system (AS)—a group of networks under a single administrative control. An interiorgateway protocol (IGP) refers to a routing protocol that handles routing within a single autonomoussystem. IGPs include RIP, IGRP, EIGRP, and OSPF.

• Area border router (ABR)—a router that connects to multiple areas.• Autonomous system border router (ASBR)—a router that connects different ASs, that is, it acts as a

gateway between OSPF and other routing protocols (IGRP, RIP, BGP, and so on.)• Designated router (DR)—a designated router is selected on every broadcast network. It generates

link-state packets for the network and synchronizes the link-state database with all other routers onthe network. The designated router concept also reduces the amount of routing protocol traffic.

• Backup designated router (BDR)—the backup designated router also synchronizes the link-statedatabases with all other routers on the network, but does not generate link-state packets for thenetwork.When aDR fails, the BDRbecomes the newDR. This transition does not need to resynchronizethe link-state database that can potentially take quite some time. The backup designated router conceptmakes the transition smoother.

3.2 OSPF AreasOSPF allows grouping of contiguous networks and hosts into so-called areas. The topology of an area isinvisible from the outside of the area. A router has a separate link-state database for each area it is connectedto. This reduces the OSPF traffic sent on the network and also the size of the topology database a routermust maintain.• Backbone area—the OSPF backbone is the central area of an AS and all other areas must be directly

connected to the backbone area. The backbone area distributes routing information betweennon-backbone areas. The backbone area needs to be contiguous.


OSPF Introduction

• Transit area—when an area can carry data traffic that neither originates nor terminates in the areaitself, it is an transit area.

• Stub area—OSPF allows certain areas to be configured as stub areas. AS external routing informationis not flooded into stub areas. Instead, a default route is advertised into the stub area through one ormore of the ARBs of the stub area.

3.3 Link-State Packet TypesThere are four major link-state packet types (LS types).

Figure 2 • OSPF Link-State Packet Types

• Router LSA (type 1)—originated by a router. This describes the the state and the cost of the link(interfaces) to the intra area of the router.

• Network LSA (type 2)—originated by a DR. This describes all the routers attached to the networksegment.

• Summary LSA (type 3 and 4)—originated by an ABR. This describes the networks between backbonearea and inter area.

• External LSA (type 5 and 7)—originated by a ASBR. This describes the networks outside of the AS.

3.4 DR ElectionOSPF hello packets are exchanged using IP multicast packets on each network segment. Designated router(DR) and backup designated router (BDR) election is done through the hello packet. The router with thehighest OSFP priority is selected as the DR on the segment and the one with the second-highest OSPFpriority is selected as the BDR.

Note:

Priority value 0 indicates that an interface is not to be elected as DR or BDR. This is knownas a DROTHER router.


OSPF Introduction

3.4.1 Neighbor and AdjacencySPF neighbor is the relationship that is established among OSPF intra-area routers that share a commonnetwork segment and area. Adjacencies are createdwhen neighboring routers exchange routing informationwith each other. The adjacency states are listed below.

Figure 3 • OSPF Adjacency Example

• Down: The initial state of a conversation when no information has been exchanged.• Attempt: Similar to the Down state, but is only used on Non-broadcast multiple- access (NBMA)

networks.• Init: Hello packet has been received from neighbor. But bidirectional communication has not yet been

established with the neighbor.• 2-Way: Communication with neighbor is bidirectional.• ExStart: Decide amaster/slave relationship and an initial sequence number for later adjacency building

process.• Exchange: Describe the entire link state database to the neighbor.• Loading: Request the most recent LSAs from neighbor.• Full: The adjacency is completed.


OSPF Introduction

4 Simple OSPF Configuration

In this section, we present a simple example to show how to enable OSPF on two routers in the backbonearea. This involves two actions: enable OSPF process and enable OSPF on the specified network.

When OSPF is disabled, no OSPF control frames are transmitted and the router does not react to OSPFcontrol frames sent by others. There is no OSPF status when disabled.

When both OSPF routing and a network are enabled, the corresponding interfaces transmit OSPF controlframes periodically, advertising routing updates. The frames received from the corresponding interfacesare also processed.

Note:

Before enabling OSPF, the IP routing capability must be enabled first. This can be doneby issuing the 'ip routing' CLI command in global configuration mode.

4.1 Enabling OSPF on RoutersFor example, there are two routers. Router-1 and Router-2 are connected to Area 0 (0.0.0.0). Router-1can reach192.168.1.0/24 andRouter-2 can reachboth192.168.1.0/24 and192.168.2.0/24.

This topology is depicted in the following illustration.

Figure 4 • Simple Backbone Area Topology

To enable OSPF on two routers in the backbone area, perform the following steps.


Simple OSPF Configuration

1. Click Configuration > VLANs > Configuration, set up Port 1 as member of VLAN 100 as shown in thefollowing figure, and then click Save.

Figure 5 • Configure VLAN

2. Click Configuration > System > IP, in theMode list, click Router, and then click Add Interface to createan IP interface.

Figure 6 • Configure IP Address and Enable IP Routing

3. Set up VLAN, IPv4 Address, andMask Length as shown in the previous figure and then click Save.

4. Click Configuration > OSPF > Configuration, and in the OSPF Router Mode list, click Enable.

Figure 7 • Enable OSPF

5. Click Configuration > OSPF > Network Area, press Add New Entry, and then configure Network Rangeand Area ID as shown in the following figure.

Figure 8 • Configure OSPF Network Area

Note:

Use the OSPF Status web page to verify the current settings. For more information, seeViewing General/Area Status on page 46.

The same configuration can be set up through CLI. Before looking at the commands, let us go through thecommand syntax.



Use the ip routing' command in global configuration mode to enable the IP routing capability. Use theno form to disable the IP routing capability.

Syntax• ip routing

• no ip routing

Default

IP routing capability is disabled. Therefore, the default is the host mode.

Use the router ospf command in global configuration mode to enable OSPF routing. Use the no formto disable OSPF routing.

Syntax• router ospf

• no router ospf

Default

OSPF routing is disabled.

Use the network area command in the router configuration mode to set the OSPF network area ID ona specific interface. The area ID is typically formatted as an IP address. Use the no form to remove thesetting. To enable OSPF on multiple network segments, the command must be issued multiple times.

Syntax• network <ipv4_addr> <wildcard_mask> area <area_id>

• no network <ipv4_addr> <wildcard_mask> [ area <area_id> ]

Parameters• <ipv4_addr> <wildcard_mask>: The pair of these two parameters indicate an address range,

which allows the user to define one ormultiple interfaceswithin this address range and associate themwith a specific OSPF area ID. Notice that in OSPF, regular IPv4 network masks are inverted, and calledwildcardmasks. Thismeans that an IP segment of192.168.1.0/24will bewritten as192.168.1.00.0.0.255. Throughout this document, 192.168.1.0/24means an IPv4 network with networkmask 255.255.255.0 and wildcard mask 0.0.0.255.

• <area_id>: The OSPF area ID is a 32-bit number used to associate the OSPF address range with aparticular area. It can be specified as either an IPv4 address format (A.B.C.D) or as a decimal valuefrom 0 to 4294967295.

Default

No OSPF network is configured.Note:

The software prohibits the network address range overlapping to avoid conflict.



The equivalent CLI commands are:

! Step 1 (both Router-1 and Router-2). Enable IP routing using OSPF and enable OSPF on network 192.168.1.0/24 in area 0 through CLI.

! Enter global configuration mode.# configure terminal ! Create a VLAN, and enter VLAN configuration mode. (config)# vlan 100 ! Specify the interface to configure, and enter the interface configuration mode. (config-vlan)# interface GigabitEthernet 1/1! Set the access mode of the interface to the specified VLAN. (config-if)# switchport access vlan 100Specify the interface to configure, and enter the VLAN interface configuration mode.(config-if)# interface vlan 100 ! Configure an IP address for an interface.For Router-1: Configure IP address192.168.1.1/24.(config-if-vlan)# ip addr192.168.1.1 255.255.255.0For Router-2: Configure IP address192.168.1.2./24.(config-if-vlan)# ip addr192.168.1.2 255.255.255.0! Enable the IP routing capability.(config)# ip routing ! Enable the OSPF routing process and enter the OSPF router configuration mode.(config)# router ospf ! Configure the OSPF network area. The configured network segment must not overlap with other network segments.

(config-router)# network 192.168.1.0 0.0.0.255 area 0

! Step 2 (Router-2, only). Enable OSPF on network 192.168.2.0/24 in area 0 through CLI.! Enter global configuration mode.# configure terminal ! Create a VLAN, and enter VLAN configuration mode.(config)# vlan 200 ! Specify the interface to configure, and enter the interface configuration mode.(config-vlan)# interface GigabitEthernet 1/2! Set the access mode of the interface to the specified VLAN.(config-if)# switchport access vlan 200Specify the interface to configure and enter the VLAN interface configuration mode.(config-if)# interface vlan 200! Configure an IP address for an interface. (config-if-vlan)# ip addr 192.168.2.2 255.255.255.0Enable the OSPF routing process and enter the OSPF router configuration mode.(config)# router ospf ! Configure the OSPF network area. The configured network segment must not overlap with other network segments.(config-router)# network 192.168.2.0 0.0.0.255 area 0

Note:

Use the show ip ospf command to verify the current settings. For more information,see Viewing General/Area Status on page 46.



5 Configuring OSPF Router ID

The router ID is a 32-bit number (typically formatted as an IPv4 address), uniquely identifying the router inthe autonomous system.

When the router ID is changed, ensure to restart the OSPF router process. For more information,seeRestarting IP OSPF Process on page 45.

Note:

It is the user’s responsibility to ensure that the ID is uniquewithin the entire OSPF domain.If the router ID is not set explicitly, then the router uses the highest active interface IPaddress as its router ID.

The following illustration depicts an example of specific router ID 0.0.0.1 for Router-1 and automode routerID for Router-2.

Figure 9 • OSPF Router ID Example

To configure the required OSPF router ID, perform the following step.


Configuring OSPF Router ID

• Click Configuration > OSPF > Configuration, select the Specific option and type the specified router IDas shown in the following figure.

Figure 10 • Configure OSPF Router ID

Note:

Use the OSPF Status page to verify the setting. For more information, seeViewingGeneral/Area Status on page 46.


Use the router-id command in OSPF router configuration mode to set the OSPF router ID. Use the noform to restore the setting to default algorithm.

Syntax• router-id <router_id>

• no router-id

Parameter• <router_id>: OSPF router-id in IPv4 address format (A.B.C.D). Notice that the router ID should be unique

in the Autonomous System and value '0.0.0.0' is invalid since it is reserved for the default algorithm.If there is one or more fully adjacent neighbors in the current OSPF area, the new router ID will takeeffect after restarting the OSPF process (using 'clear ip ospf process'.)

Default

No OSPF router ID is configured. The default algorithm will choose the largest IP address assigned to therouter.

The equivalent CLI commands are.

! Enter global configuration mode.# configure terminal! Enable OSPF and enter OSPF router configuration mode.(config)# router ospf! Configure the OSPF router ID.! Router-1: Configure Router ID 0.0.0.1 (config- router)# router-id 0.0.0.1!Router-2: Apply default algorithm (Auto) (config- router)# no router-id

Note:

Use the show ip ospf command to verify the setting. For more information, seeViewing General/Area Status on page 46.


Configuring OSPF Router ID

6 OSPF Interface

The following sections discuss OSPF interface configuration through an example.

6.1 Configuring OSPF Passive InterfaceWhen an interface is configured as a passive interface, transmission of OSFP routing updates is suppressed.Therefore, the interface does not establish adjacencies (no OSPF Hellos). The subnet of all interfaces (bothpassive and active) is advertised by the OSPF router.

To configure VLAN 22 as a passive interface, perform the following steps.

1. Click Configuration > OSPF > Passive Interface, select the corresponding Passive Interface check boxfor the specific VLAN as shown in the following illustration.

Figure 11 • Configure OSPF Passive Interface


OSPF Interface

2. Click Configuration > OSPF > Configuration, to configure all interfaces as non-passive by default, in theDefault Passive Mode list, click False.

Figure 12 • Configure OSPF Passive Interface Default Setting

Note:

Use the OSPF Status web page to verify the current settings. For more information,seeViewing Interface Status on page 48.


Use the passive-interface vlan command in router configuration mode to suppress OSFP routingupdates on a specific interface.

Use the passive-interface default' command in router configuration mode to set all VLANinterfaces as passive by default.

Use the no form to remove the setting.

Syntax• passive-interface { default | vlan <vid_list> }

• no passive-interface { default | vlan <vid_list> }

Parameters• <vid_list>: List of VLAN interface numbers. It can be a single VLAN ID or a list of VLAN IDs, for

example. '1,3,5–8'.

Default

No passive-interface is configured.


OSPF Interface

The equivalent CLI commands to configure OSPF passive interface are:

! Enter global configuration mode.# configure terminal!Enable OSPF and enter OSPF router configuration mode.(config)# router ospf!Mark VLAN 22 as a passive interface.(config-if-vlan)# passive- interface vlan 22

Note:

Use the 'show ip ospf interface' command to verify the current settings. For moreinformation, seeViewing Interface Status on page 48.

6.2 Interface Parameter TuningThis section describes additional parameters, which fine-tune interfaces to fit real network situations.

6.2.1 OSPF Interface Router PriorityDesignated Router (DR) is elected by the Hello protocol. The Hello packet of a router contains its routerpriority, which is configurable on a per-interface basis. The router with the highest priority is more eligibleto become DR.

The router priority is an integer value from 0 to 255 with a default value of 1.Note:

When the router priority is set to zero, this router is ineligible to become the DR or backupdesignated router (BDR).

Use the ip ospf priority command in the VLAN interface configuration mode to set the routerpriority for the specific interface.

Use the no form to restore the setting to default.

Syntax• ip ospf priority <0-255>

• no ip ospf priority

Parameters• <0-255>: User-specified router priority for the interface.

Default

The default router priority value is 1.

6.2.2 OSPF Interface CostThe OSPF interface cost is a link state metric. The lower the cost, the more likely the interface is to be usedfor forwarding data traffic.

The cost value is used in the router LSAs' metric field and used in the SPF calculation.

The interface cost is an integer value from 0 to 255 with a default value of 1.

Use the ip ospf cost' command in VLAN interface configuration mode to set the cost value for thespecific interface. The cost value is assigned to router LSAs' metric field and used in the SPF calculation.


Syntax• ip ospf cost <1–65535>


OSPF Interface

• no ip ospf cost

Parameters• <1–65535>: Link state metric for the interface. This is used in the SPF algorithm.

Default

The default is no user-specified cost value. The cost is calculated by the OSPF process.

6.2.3 OSPF Hello Interval and Dead IntervalIf a router does not receive a hello packet from a neighbor within the dead interval, it declares the neighborto be down. Reception of a hello packet resets the timer.

Both the hello interval and the dead interval must be the same within the network. They are both includedin hello packets. If after reception the values do not match the configured values, then the hello packet isdropped, and so no neighborship is formed.

Note:

It is common practice to set the dead interval to four times the hello interval.

Use the ip ospf dead-interval command in VLAN interface configuration mode to set the deadinterval value (in seconds) for the interface.

The command also allows for configuring transmission of hello packets at rates faster than 1 second (fasthello packets) by using the minimal hello-multiplier <multiplier>' argument. Here,<multiplier> specifies the number of hello packets to be sent per second.

Use the no form to restore the setting to default value.

Syntax• ip ospf dead-interval { <1–65535> | minimal hello-multiplier <1–10>

}

• no ip ospf dead-interval

Parameters• <1–65535>: Number of seconds to wait until the neighbor is assumed to be dead. The timer is

restarted whenever a hello packet is received from the neighbor.• minimal hello-multiplier <multiplier>: Enables fast hello packets at<multiplier>

packets per second.

Default

The default dead-interval value is 40 seconds with no fast hello packets.Note:

If the input command with the optional argument minimal hello-multiplier isspecified, then the dead-interval is set to 1. In this case, the hello-interval advertised inhello packets is set to 0 and the hello-interval in the hello packets received over thisinterface is ignored. The value of fast hello packets need not be the same for the entiresegment since the router only requires that at least one hello packet is received withinthe dead-interval.

Note:

The configuration of dead-interval should be used with caution.

Although the benefit of smaller dead intervals is faster detection of neighbor removals, the downside ishigher CPU (and network) utilizations, which in turn may impact routing performance and other CPUactivities.


OSPF Interface

6.2.4 OSPF Fast Hello PacketsThe fast hello packets are hello packets transmitted at a rate faster than one per second. The benefit offast hello packets is that the OSPF network experiences faster convergence than it would without the fasthello packets. Lost neighbors are detected within one second.

The fast hello packets are configured (by CLI) using the minimal keyword in conjunction with a hellomultiplier, which specifies the number of times per second to transmit a hello packet. The use of theminimal keyword implicitly sets the advertised dead interval to 1 second and the advertised hello intervalto 0.

When using fast hello packets, the hello multiplier need not be identical across the whole network. In fact,unlike the dead interval, the hello multiplier is not advertised in hello packets. So there is no way for thereceiver of hello packets to check against its own multiplier.

Since the dead interval is 1, a neighbor is considered dead if a hello packet has not been received withinthe past one second.

Use the ip ospf hello-interval' command in VLAN interface configuration mode to set the hellointerval value for the interface.


Syntax• ip ospf hello-interval <1–65535>

• no ip ospf hello-interval

Parameters• <1–65535>: The time interval (in seconds) between hello packets.

Default

The default hello interval is 10 seconds.

6.2.5 OSPF Interface Retransmit IntervalThe retransmit interval determines the time until retransmitting a database description packet or a link-staterequest when the previous packet has not been acknowledged. If a router sends a link-state advertisement(LSA) to its neighbor without acknowledgment within the retransmit interval, the LSA is sent again.

The retransmit-interval is an integer value from 3 to 65535 with a default value of 5 seconds.

Use the ip ospf retransmit-interval command in VLAN interface configuration mode to setthe retransmit interval value for the interface.


Syntax• ip ospf retransmit-interval <3–65535>

• no ip ospf retransmit-interval

Parameters• <3–65535>: The time interval (in seconds) to wait before retransmitting a database description

packet or a link-state request when it has not been acknowledged.

Usage Guidelines

Be aware that the value of retransmit-interval should be greater than the expected round-trip delay betweenany two routers on the attached network. The configuration should also consider needless LSAretransmissions.


OSPF Interface

Note:

It is recommended to use the same retransmit interval on neighboring routers in orderto avoid unnecessary LSA retransmissions.

Default

The default retransmit-interval value is 5 seconds.

6.2.6 Configuring OSPF Interface ParametersTo configure the OSPF interface parameters, perform the following step.• Click Configuration > OSPF > Interfaces, set the parameters as shown in the following illustration, and

click Save.

Figure 13 • Configure OSPF Interface Parameters

Note:

Use the OSPF Status web page to verify the current settings. For more information, seeViewing Interface Status on page 48.


OSPF Interface

This section provides a series of examples for tuning the OSPF interface parameters.

! Enter global configuration mode.# configure terminal! Enter VLAN interface configuration mode.(config)# interface vlan 11! Set the priority to be used to elect the DR for a network. The OSPF router with the highest routerpriority becomes the designated router.(config-if-vlan)# ip ospf priority 8! Specify the cost of sending packets from the interface. The lower the cost, the more likely the interface is to be used to forward data traffic.(config-if-vlan)# ip ospf cost 128! Set the number of seconds during which the router must receive at least one Hello packet from a neighbor without declaring it down. The optional argument 'minimal hello- multiplier <multiplier>' is used to configure Hello packets to be transmitted at rates higher than once per second (a.k.a. fast Hello packets). In this case, the deal interval implicitly becomes one second.(config-if-vlan)# ip ospf dead-interval 10! Set the interval - in seconds - between transmission of Hello packets. This value is not used if fast Hello packets is used (see 'minimal hello-multipier').(config-if-vlan)# ip ospf hello-interval 20! Set the interval between retransmission of an LSA in case no acknowledgment has been received.(config-if-vlan)# ip ospf retransmit-interval 20

Note:

Use the show ip ospf interface command to verify the current settings. Formore information, see Viewing Interface Status on page 48.


OSPF Interface

7 OSPF Virtual Links

AnOSPF virtual link is established between two ABRs to overcome the fact that all areasmust be connecteddirectly to the backbone area (Area 0). A virtual link can be used in two cases.

7.1 Extend the Backbone AreaVirtual links allow the user to connect an ABR to a backbone ABR when a direct, physical connection is notavailable. The figure below shows an example of such a situation.

Figure 14 • OSPF Virtual Link Example Topology

Area 5 has no direct connection to the backbone area. A virtual link is a method to set a tunnel througharea 4. By using a virtual link, the area 0 can be extended through area 4 to area 5. With this method, area5 can be treated as a direct connection and Router-41 can be treated as having a direct connection to thebackbone area.

7.2 Connect Discontiguous Backbone AreasSince all the areasmust be connected to the backbone area, it is sometimes beneficial to have (for example)two backbone areas at two different locations, so that other areas connected at these two locations do nothave to have separate virtual links to a single backbone area. A virtual link can therefore be established toconnect the two backbone areas instead, effectively making them seem as one contiguous area.


OSPF Virtual Links

The following figure shows an example of such a situation.

Figure 15 • OSPF Discontiguous Area Example Topology

Area 4 has a virtual link between Router-4 and Router-42, effectively connecting the two backbone areas.

7.3 Configuring Virtual LinkIn this example, Router-4 (with Router ID 0.0.0.4) and Router-41 (with Router ID 0.0.0.41) are configuredto have a virtual link that connects area 5 to area 0 through area 4, taking basis in the figure from the Extendthe Backbone Area section.• Click Configure > OSPF > Virtual Link, to create a virtual link, click Add New Entry, and configure Area

ID and Router ID as shown in the following illustration and then click Save.

Figure 16 • Configure OSPF Virtual Link

Note:



Use the virtual link command in router configuration mode to set a virtual link between two relatedABRs. Use the optional argument hello-interval to configure the hello interval on the virtual link. Use


OSPF Virtual Links

the optional argument retransmit-interval to configure the retransmit interval on the virtual link.Use the optional argument dead- interval to configure the dead interval on the virtual link. Use theoptional argument authentication to set a security connection on virtual link.


Syntax• area <area_id> virtual-link <router_id> [hello-interval <1–65535>]

[retransmit- interval <1–65535>] [dead-interval <1–65535>]

• no area <area_id> virtual-link <router_id> [hello-interval <1–65535>][retransmit-interval <1–65535>] [dead-interval <1–65535>]

• area <area_id> virtual-link <router_id> { authentication [ null |message-digest ] | authentication-key { unencrypted <word1-8> |encrypted <word128> } | message-digest-key <1-255> md5 { unencrypted<word1-16> | encrypted <word128> } }

• no area <area_id> virtual-link <router_id> { authentication |authentication-key | message-digest-key <1–255> } }

Parameters• <area_id>: The OSPF area ID.• virtual-link: Configure a virtual link.• <router_id>: Configure router-id in IPv4 address format (A.B.C.D).• hello-interval: Configure the hello interval on the virtual link.• retransmit-interval: Configure the retransmit interval on the virtual link.• dead-interval: Configure the dead interval on the virtual link.• null: Use null authentication.• message-digest: Use MD5 authentication.• authentication-key: Use simple password.• message-digest-key <1–255> md5: The MD5 key ID and key.• unencrypted: The key in plain text.• encrypted: The encrypted key.

Default

No OSPF virtual link is configured.


! Enter global configuration mode.# configure terminal ! Enable the OSPF routing process and enter the OSPF router configuration mode.(config)# router ospf ! For Router-4, use the following commands to setup. ! Configure a virtual link to another OSPF router within the area. (config-router)# router-id 0.0.0.4(config-router)# network 1.0.3.0 0.0.0.255 area 0.0.0.0(config-router)# network 1.0.4.0 0.0.0.255 area 0.0.0.0(config-router)# network 1.4.15.0 0.0.0.255 area 0.0.0.4(config-router)# area 4 virtual-link 0.0.0.41! For Router-41, repeat steps 1-2 and use the following commands to setup.(config-router)# ospf router-id 0.0.0.41(config-router)# network 1.4.15.0 0.0.0.255 area 0.0.0.4(config-router)# network 1.5.16.0 0.0.0.255 area 0.0.0.5(config-router)# area 4 virtual-link 0.0.0.4

Note:



OSPF Virtual Links

8 OSPF Authentication

The OSPF router supports the following three authentication types.• Type 0 (null authentication)—means no authentication.• Type 1 (simple password)—is using a plain text authentication. A password must be configured, but

the password can be eavesdropped.• Type 2 (cryptographic authentication) —is message-digest algorithm 5 (MD5) authentication. Keying

material must also be configured. This is the most secure method.

The authentication type is configurable on a per-interface basis.

8.1 Configuring Area AuthenticationThis example shows how to configure authentication for an area. The following illustration shows the currentexample specific OSPF area authentication topology.

Figure 17 • OSPF Area Authentication Topology

To configure area authentication, perform the following step.• Click Configuration > OSPF > Area Authentication, to apply in the running configurations, click Add

New Entry, configure Area ID and Auth. Type as shown in the following figure, and then click Save.

Figure 18 • Configure an OSPF Area Authentication

Note:




OSPF Authentication

Use the area authentication' command in router configuration mode to configure authenticationused in a specific area. Use the no form to remove the setting.

Syntax• area <area_id> authentication [ message-digest ]

• no area <area_id> authentication

Parameters• <area_id>: 32-bit area ID.• message-digest: Use MD5 authentication. If not specified, the authentication type is a simple

password.

Default

No authentication is configured.

Usage Guidelines

This command applies the authentication type to all VLAN interfaces within an area. It may be overriddenper VLAN interface as shown in Interface authentication.

It is not necessary to disable authentication while switching between MD5 and simple passwordauthentication types.

The equivalent CLI commands to configure OSPF area authentication are:

! Enter global configuration mode.# configure terminal! Enable OSPF routing and enter the OSPF router configuration mode.(config)# router ospf! Configure the authentication type within the given area.(config-router)# area 1 authentication message- digest ! The password and keying material need to be configured on the VLAN interface if the specified authentication type requires it. Default setting is null authentication.(config-if-vlan)# ip ospf message-digest-key 30 md5 unencrypted 1234

Note:• Per-VLAN interface settings will override any per-area authentication settings.• Use the show ip osp' command to verify the current settings. For more

information, see Viewing General/Area Status on page 46.

8.2 Configuring Interface AuthenticationThis example shows how to set up authentication on specific interfaces. The following illustration showsthe current example specific OSPF interface authentication topology.

Figure 19 • OSPF Interface Authentication Topology

To configure interface authentication, perform the following step.


OSPF Authentication

• Click Configuration > OSPF > Interfaces, in the Auth. Type list, click the appropriate authenticationmethod as shown in following figure.

Figure 20 • Configure OSPF Interface Authentication

Note:



Use the ip ospf authentication command in VLAN interface configuration mode to configure theauthentication. Use the no form to remove the setting.

Syntax• ip ospf { authentication [ null | message-digest ] | authentication-key

{ unencrypted <word1–8> | encrypted <word128> } | message-digest-key<1–255> md5 { unencrypted <word1–16> | encrypted <word128> } }

• no ip ospf { authentication | authentication-key | message-digest-key<1–255> }

Parameters• null: Use null authentication.• message-digest: Use MD5 authentication.• authentication-key: Use simple password.• message-digest-key <1-255> md5: The MD5 key ID and key.• unencrypted: The key is in plain text.• encrypted: The key is encrypted.

Defaults

No OSPF authentication is configured.


OSPF Authentication

The equivalent CLI commands to configure OSPF interface authentication are:

! Enter global configuration mode. # configure terminal ! Enter VLAN interface configuration mode. (config)# interface vlan 10 ! Enable interface authentication.(config-if-vlan)# ip ospf authentication ! Configure the authentication type.(config-if-vlan)# ip ospf authentication message- digest ! Configure the authentication password or message-digest key. Use the argument 'unencrypted' to specify that the password is in plain text and 'encrypted' to specify that the password is in encrypted format.! Default authentication scheme is to use the area authentication settings.(config-if-vlan)# ip ospf message-digest-key 1 md5 unencrypted 1234

Note:• If using simple password authentication but no password is configured, all zeros are

used as the password.• If using MD5 authentication but the message digest key is not configured, the OSPF

packets act as null authentication.• Use the show ip ospf interface command to verify the current settings.

For more information, see Viewing Interface Status on page 48.

8.3 Configuring Virtual Link AuthenticationThe following example shows how to configure authentication on virtual links. It is assumed that the virtuallink is already configured as explained in virtual link configuration example.

Figure 21 • OSPF Virtual Link Topology

To configure virtual link authentication, perform the following step.


OSPF Authentication

• Click Configuration >OSPF > Virtual Link, clickAddNew Entry, configureArea ID, Router ID, andAuth.Type as shown in the following figure, and then click Save to apply it in the running configuration.

Figure 22 • Configure OSPF Virtual Link Authentication

Note:

Use the OSPF Status web page to verify the current settings. For more information,see Viewing Interface Status on page 48.


Use the optional argument authentication to the area virtual-link command in routerconfiguration mode. Use the no form to remove the setting.

Syntax• area <area_id> virtual-link <router_id> {

authentication [ <null|message-digest> ] |

authentication-key { unencrypted <word1-8> | encrypted <word128> } |message-digest-key <1–255> md5 { unencrypted <word1-16> | encrypted

<word128> }

}

• no area <area_id> virtual-link <router_id> { authentication |

authentication-key |

message-digest-key <1–255> }

}

Parameters• <area_id>: OSPF Area ID.• virtual-link: Configure the virtual link on this area.• <router_id>: OSPF Router ID.• null: Use null authentication.• message-digest: Use MD5 authentication.• authentication-key: Use simple password.• message-digest-key <1–255> md5: The MD5 key ID and key.• unencrypted: The key is in plain text.• encrypted: The key is encrypted.

Default

No authentication is configured on virtual links.


OSPF Authentication

The equivalent CLI commands to configure OSPF virtual link authentication are:

! Enter global configuration mode.# configure terminal ! Enable OSPF routing and enter OSPF router configuration mode.(config)# router ospf ! For Router-4, use the following commands to setup.! Set-up authentication on a virtual link.(config-router)# area 4virtual-link 0.0.0.41 authentication(config-router)# area 4virtual-link 0.0.0.41 authentication-key unencrypted 1234! For Router-41, repeat steps 1-2 and use the following commands to setup.(config-router)# area 4virtual-link 0.0.0.4 authentication(config-router)# area 4virtual-link 0.0.0.4 authentication-key unencrypted 1234

Note:



OSPF Authentication

9 OSPF Stub Areas

OSPF stub areas are shielded from external routes, so AS-external LSAs (type 5) are not flooded into/throughit. This reduces the link-state database size and therefore the memory and CPU utilizations.

To further reduce the memory and CPU consumptions, an area can be configured as a totally stubby area,where also summary-LSAs (type 3) except for the default route are blocked.

For a stub area or totally stubby area to reach any destination, not reachable by an intra-area or inter-areapath, the stub area’s ABR must advertise a default route into the stub or totally stubby area throughsummary-LSAs.

Note:• All routers in a stub area must be configured as stub routers. Otherwise, the

neighboring routers refuses to accept hello packets.• All routers in a totally stubby area must be configured as stub routers and only the

ABR needs to be configured as a totally stubby router.• An ASBR cannot be placed inside a stub area or a totally stubby area.• Virtual links cannot be configured through stub areas or totally stubby areas.

The following figure shows an example of a stub area.

Figure 23 • OSPF Stub Area Example

Router-15 is anASBR connected to external networkwhich is1.99.1.0/24 , so it creates AS-external-LSAsto advertise the external network information. All ABRs must flood these LSAs into the area they attach.Finally, all routers have the external route. For example, the route entries in router-31 are:

Codes: C - connected, S - static, O - OSPF,* - selected route, D - DHCP installed routeO* 1.99.1.0/24 [110/20] via Router-3 O* 1.0.1.0/24 [110/100] via Router-3 O* 1.0.2.0/24 [110/100] via Router-3 O* 1.1.7.0/24 [110/100] via Router-3 O* 1.1.8.0/24 [110/100] via Router-3 O* 1.1.11.0/24 [110/100] via Router-3 O* 1.3.12.0/24 [110/100] via Router-3


OSPF Stub Areas

On the other hand, once area 3 is configured as stub area, Router-3 does not flood AS- external-LSs intoarea 3, because it is an ABR for stub area 3. At the same time, it also advertises a default route into thestub area. In this example, the route entries in Router-31 are:

Codes: C - connected, S - static, O - OSPF,* - selected route, D - DHCP installed routeO* 0.0.0.0/0 [110/100] via Router-3O* 1.0.1.0/24 [110/100] via Router-3O* 1.0.2.0/24 [110/100] via Router-3O* 1.1.7.0/24 [110/100] via Router-3O* 1.1.8.0/24 [110/100] via Router-3O* 1.1.11.0/24 [110/100] via Router-3O* 1.3.12.0/24 [110/100] via Router-3

The following figure shows an example of a totally stubby area.

Figure 24 • OSPF Totally Stubby Area Example

This topology is almost the same as the above except Router-2 is configured as a totally stubby router, area2 is a totally stubby area. Compared to the stub area, the totally stubby area not only blocks AS-external-LSAs,but also summary-LSAs. So the area does not get any routes from other areas except for the default routefrom Router-2. The route entries in Router-22 are:

Codes: C - connected, S - static, O - OSPF,* - selected route, D - DHCP installed routeO* 0.0.0.0/0 [110/100] via Router-2O* 1.2.5.0/24 [110/100] via Router-2 O* 1.2.6.0/24 [110/100] via Router-2

Another kind of stub area is the not-so-stubby area (NSSA), which is defined in RFC 1587 and RFC 3101. Itis illegal for a stub area to import routes external to OSPF. However, NSSA can import external routes intoOSPF. To support NSSAs, all routers in the NSSA must agree on the "N" bit (NSSA capable) and allow Type-7LSAs to carry external route information. NSSA area border routers translates Type-7 LSAs to Type-5 LSAsand advertise these to other areas. The NSSA area border routers can be configured to always or nevertranslate Type-7 LSAs. It is also possible to select the translator router through an election process bymarking routers as the candidates for a translation election. The NSSA ABR that has the highest router IDis elected as the one translating type-7 LSAs into type-5 LSAs. Type-7 LSAs are only advertised within a


OSPF Stub Areas

NSSA, they are not flooded into backbone area or other area. The NSSA area border router generates aType-3 default route in the NSSA.

The following figure shows an example of configuring an NSSA.

Figure 25 • OSPF NSSA Example Topology

Compared to the NSSA, the totally NSSA not only blocks AS-external-LSAs (Type-5 LSAs), but alsosummary-LSAs. The totally NSSA does not get any routes from other areas except the default route fromits ABR. The following figure shows an example of configuring an totally NSSA.

Figure 26 • OSPF Totally NSSA Example Topology


OSPF Stub Areas

9.1 Configuring OSPF Stub AreasThe following example configures Area 3 as a stub area and Area 2 as a totally stubby area. The followingillustration depicts the topology for the current example.

Figure 27 • OSPF Stub Area Topology

To configure virtual link authentication, perform the following step.


OSPF Stub Areas

• Click Configuration > OSPF > Stub Area, click Add New Entry, configure Area ID, Stub Type, and NoSummary as shown in the following figure. If the No Summary check box is selected, then the area isconfigured as a totally stub area.

Figure 28 • Configure OSPF Stub Area

Note:



Use the area stub command in OSPF router configuration mode to configure a stub or totally stubbyarea.

Use the no form to restore the setting.

Syntax• area <area_id> stub [no-summary]

• no area <area_id> stub [no-summary]

Parameters• <area_id>: Area ID.• stub: Configure the area as stub area.• no-summary: Configure the area as totally stubby area.

Default


OSPF Stub Areas

Area is neither a stub nor a totally stubby area.

The equivalent CLI commands to configure OSPF stub area are:

! Enter global configuration mode.# configure terminal ! Enable the OSPF routing process and enter the OSPF router configuration mode.(config)# router ospf! Configure Router-2. Set area 2 as a totally stubby area. Apply command 'area0.0.0.2 stub' on Router-21 since all routers in stub area must be configured as stub routers. Otherwise the neighboring routers will refuse to accept OSPF hello packets.

Notice that the 'no- summary' option is required on ABR (Router-2) only.(config-router)# area 0.0.0.2 stub no-summary

! Configure Router-3. Set area 3 as a stub area. Apply command 'area0.0.0.3 stub' on Router-31 too. Same reason as the description in step 3.

(config-router)# area 0.0.0.3 stub

Note:


9.2 Configuring NSSAThe following example configures area 6 as a NSSA and area 7 as a totally NSSA.

Figure 29 • OSPF NSSA Topology

To configure NSSA, perform the following step.


OSPF Stub Areas

• Click Configuration > OSPF > Stub Area, click Add New Entry, configure Area ID, Stub Type, and NoSummary as shown in the following figure. If the No Summary check box is selected, then the area isconfigured as a totally NSSA.

Figure 30 • Configure OSPF Stub Area

Note:



Use the area NSSA command in OSPF router configuration mode to configure a NSSA or totally NSSAarea.

Use the no form to restore the setting.

Syntax• area <area_id> nssa [no-summary]

• no area <area_id> nssa [no-summary]

• area <area_id> nssa translate type7 { always | never | candidate }

• no area <area_id> nssa translate type7 { always | never | candidate}

Parameters• <area_id>: Area ID.• nssa: Configure the area as NSSA.• stub: Configure the area as stub area.• no-summary: Configure the area as totally NSSA.• always: Configure the NSSA-ABR to always translates the Type-7 LSAs to Type-5 LSAs.• never: Configure the NSSA-ABR to never translates the the Type-7 LSAs to Type-5 LSAs.• candidate: Configure the NSSA-ABR so that it participates in the translator election.


OSPF Stub Areas

Default

The area is neither a NSSA nor a totally NSSA. Default translator mode for NSSA is 'candidate'.

The equivalent CLI commands to configure OSPF NSSA are:

! Enter global configuration mode.# configure terminal! Enable the OSPF routing process and enter the OSPF router configuration mode.(config)# router ospf! Configure Router-2. Set area 7 as a totally NSSA. It is necessary to apply command 'area 0.0.0.7 nssa' on Router-71 since all routers in NSSA must be configured as NSSA routers. Otherwise the neighboring routers will refuse to accept OSPF hello packets. !Notice that the 'no- summary' option is required on ABR (Router-2) only.(config-router)# area 0.0.0.7 nssa no-summary! Configure Router-3. Set area 6 as a NSSA. Apply command 'area 0.0.0.6 nssa' on Router-61 too. Same reason as the description in step 3.(configrouter)# area 0.0.0.6 nssa

Note:



OSPF Stub Areas

10 OSPF Area Range

In anOSPF domain, each ABRmaintains separate link-state databases and advertises the summarized routesto other areas. The reasoning behindOSPF area ranges is to reduce the number of routes advertised throughsummary-LSAs (type 3), thereby reducing the size of LSDB in neighboring areas.

When a route matches a configured area range, only the area range is advertised. In addition, it is possibleto filter out the entire advertisement of that range.

An area range may also come with a user-specified cost.Note:

The software detects the overlapping address ranges and deny applying the configuration.

10.1 Configuring OSPF Area RangeHere is an examplewhere Router-1 is configured to not advertise area 1’s1.1.99.0/24 and to summarizethe following networks in Area 1 into a single range, namely 1.1.1.8.0/22: 1.1.1.8.0/24,1.1.1.9.0/24, 1.1.1.10.0/24, and 1.1.1.11.0/24. The following illustration depicts theOSPF area range topology.

Figure 31 • Configure OSPF Area Range

In the previous illustration:• Router-1 is the ABR between Aarea 1 and the backbone area.• Router-14 is in the same area and contains an external route, 1.1.99.0/24, which should remain

unknown in the backbone area.

To configure OSPF area range, perform the following step.


OSPF Area Range

• Click Configuration > OSPF > Area Range, click Add New Entry, configure Area Id and address rangeto create a summarization entry as shown in the following figure. Click Save button to apply it in therunning configuration.

Figure 32 • Configure OSPF Area Range

Note:



Use the area range command in router configuration mode to summarize or suppress ranges. Use theno form to remove the setting.

Syntax• area <area_id> range <ipv4_addr> <ipv4_netmask> [advertise|

not-advertise]

• no area <area_id> range <ipv4_addr> <ipv4_netmask> [advertise|not-advertise]

Parameters• <area_id>: Area ID.• <ipv4_addr> <ipv4_netmask>: User specified address range.• advertise: Summarize intra-area paths from the address range in one summary- LSA (Type 3) and

advertise to other areas (this is default if not directly specified).• not-advertise: The intra-area paths from the address range are not advertised to other areas.• cost <cost>: User specified cost (or metric) for this summary route.

Default

No area range is configured. Advertise is default if not specified. If cost is not specified, the advertisedcost for the summarized route becomes themaximummetric among the routes the command summarizes.

Usage Guidelines

The area range command is used only with ABRs and only the router-LSAs (type 1) and network-LSAs (type2) can be summarized.

AS-external-LSAs (type 5) cannot be summarized because the scope is OSPF AS.


OSPF Area Range

The AS-external-LSAs (type 7) cannot be summarized as this feature is not supported yet.

The equivalent CLI commands to configure OSPF route range are:

! Enter global configuration mode.# configure terminal ! Enable OSPF routing and enter OSPF router configuration mode.(config)# router ospf ! Summarize intra-area paths on the ABR.(config-router)# area 1 range 1.1.8.0 255.255.252.0 advertise ! When 'not-advertise' is set, the intra-area paths from this range are not advertised into other areas.(config-router)# area 1 range 1.1.99.0 255.255.255.0 not-advertise

Note:



OSPF Area Range

11 OSPF Route Redistribution

OSPF route redistribution is a means to advertise routes coming from other domains (for example, RIP andBGP) to an OSPF domain. Use of this feature effectively makes the router an ASBR.

In the current implementation, only the following "other domains" are supported.• Static routes• Interfaces that do not have OSPF enabled

Redistributed routes are transmitted into the OSPF domain with type 5 external LSAs provided, the areaaccepts external routes.

Routes from other domains also have a cost or metric attached. Whether or not using these costs dependon the configured metric type.• Type 1 external metrics—metrics are expressed in the same units as OSPF interface cost. Therefore,

they can be added to OSPF costs to find an overall cost.• Type 2 external metrics—only the external costs are considered by the SPF algorithm.

Figure 33 • OSPF Route Redistribution Topology

Consider the following example with two routes from R1 (in internal OSPF domain) to R2 (external AS):• R1→ASBR1 (cost 3 in OSPF domain) and ASBR1→R2 (cost 10 in external routing domain)• R1→ASBR2 (cost 7 in OSPF domain) and ASBR2→R2 (cost 8 in external routing domain)

When the type 1 external metric is used, R1 chooses ASBR1 to transmit packets to R2, because the totalcost from R1 to R2 through ASBR1 is 13 (3 + 10), which is lower than 15 (7 + 8) through ASBR2.

On the other hand, when type 2 is used, R1 chooses ASBR2 instead. The reason is that the cost throughASBR2 to R2 is 8, which is better than 10 through ASBR1.

When the equal-cost type 2 routes exist, the internal cost to the advertising routers is used to break thetie.

Both the type 1 and the type 2 external metrics can be used in the AS at the same time. In that case, thetype 1 external metrics always take precedence.

The default value is the type 2 external metrics.

The metric, configurable by the user, is the cost to send a packet from the ASBR to the destination. Thedefault value is either the value of the defaultmetric if configured or calculated automatically by the routingprotocols.

11.1 Configuring OSPF Route RedistributionThe following example shows how to configure an OSPF router to redistribute route information into theOSPF domain with Type 1 external metric. It is a two-step procedure.

Route redistribution


OSPF Route Redistribution

Use the redistribute metric command in OSPF router configuration mode to enable routeredistribution to theOSPF domain. The redistributed routes are transmittedwith theAS-external-LSAs (type5 LSAs).


Syntax• redistribute { static | connected } [ metric <0–16777214> ] [

metric-type { 1 | 2} ]

• no redistribute { static | connected }

Parameters• { static | connected }: The OSPF redistributed route protocol type. The static argument

is used to redistribute static routes (those configuredwith theip route command). Theconnectedargument is used to redistribute the local interfaces that are not OSPF enabled.

• metric <0–16777214>: The metric value for redistributed routes.• metric-type { 1 | 2 }: External link type associated with the route that is advertised into the

OSPF routing domain.

Default

No route redistribution is configured. Metric-type 2 is the default if metric-type is omitted fromthe command.

Set Default Metric for the OSPF Routing Protocol

Use the default-metric command in router configuration mode to set the default metric value forthe OSPF routing protocol.


Syntax• default-metric <0–16777214>

• no default-metric

Parameters• <0–16777214>: User-specified default metric value for the OSPF routing protocol.

In the following example, assume that there are two IP interfaces on the device. One is on VLAN 10 withIP address 10.0.0.1/ 24 and the other is on VLAN 11 with ip address 11.0.0.1/24. Also, only thenetwork address range 10.0.0.0/24 (VLAN 10) participates in the OSPF domain (VLAN 11 does notparticipate). For the connected interface VLAN 11, the following configuration can redistribute the externaltype 1 route information into OSPF domain.



The CLI commands to execute the configuration are:

! Enter global configuration mode.# configure terminal ! Create VLAN 10 and 11.(config)# vlan 10,11 ! Enter VLAN 10 interface configuration mode.(config)# interface vlan 10 ! Set IP address on VLAN 10.(config-if-vlan)# ip address 10.0.0.1 255.255.255.0 ! Enter VLAN 11 interface configuration mode.(config-if-vlan)# interface vlan 11 ! Set IP address on VLAN 11.(config-if-vlan)# ip address 11.0.0.1 255.255.255.0 ! Enter GigabitEthernet 1/10 interface configuration mode.(config-if-vlan)# iinterface GigabitEthernet 1/10! Join VLAN 10.(config-if)# switchport access vlan 10 ! Enter GigabitEthernet 1/11 interface configuration mode(config-if-vlan)# iinterface GigabitEthernet 1/11 ! Join VLAN 11.(config-if)# switchport access vlan 11 ! Enable the OSPF routing process and enter OSPF router configuration mode.(config-if)# router ospf ! Add network.(config-router)# network 10.0.0.0 0.0.0.255 area 0.0.0.0 ! Redistribute route information into OSPF domain with Type 1 external metric.(config-router)# redistribute connected metric-type 1

Note:


To configure an OSPF router to redistribute route information into the OSPF domain with type 1 externalmetric, perform the following step.• Click Configuration > OSPF > Configuration, in theMetric Type list, click External Link Type 1 as

shown in the following figure. The static route metric type can also be configured here.

Figure 34 • Configure OSPF Route Redistribution

Note:

Use the OSPF Status web page to verify the current settings. For more information,see Viewing General/Area Status on page 46.



12 OSPF Stub Router

OSPF stub router is defined in RFC 3137. A stub router is a router, which advertises that it is unavailable forforwarding transit traffic. In some cases, it may be advantageous to inform routers in a network not to usea specific router as a transit point, but still route to it. The possible situations include:• The router is in a critical condition (probably have a high CPU load or does not have enough memory

space).• Graceful introduction and removal of the router to/from the network.• Other (administrative or traffic engineering) reasons.

Note:

The router is not being removed from the network, stub router advertisement is to preventother routers from using it as a transit routing. The current implementation is to set thecost of non-stub links as LS Infinity (16-bit value 0xFFFF) in the router-LSA.

The following figure shows an example of OSPF stub router.

Figure 35 • OSPF Stub Router Topology

If Router-3 is configured as stub router, routers chooses Router-1, Router-2, and Router-4 as their routingpath as possible. For example, consider Router-4, it chooses Router-1 to route the traffic destined to1.2.5.0/24 instead of Router-3. But the traffic destined to 1.3.12.0/24 is still forwarded to Router-3,because Router-3 is the best path in terms of cost.

12.1 Configuring OSPF Stub RouterThe following example configures the router as stub router.

To configure OSPF stub router, perform the following step.


OSPF Stub Router

• Click Configuration >OSPF > Configuration, configure the stub router mode and the interval as shownin the following figure. Click Save button to apply it in the running configuration.

Figure 36 • Configure OSPF Stub Router


Use the max-metric router-lsa’command in the router configuration mode to set the router instub router mode. The stub router mode can be enabled administratively (meaning indefinitely) or for atime period. In the latter case, the stub mode is only active for period of seconds after startup and/or aperiod of seconds prior to shutdown. Use the 'no' form to remove the setting.

If you have configured the stub router mode during shutdown, then when you issue the no routerospf command, the router advertises router-LSAs with max metric before stopping the OSPF process.This mechanism also works when the device reboots except in the case where you have performed a reloaddefault operation as this removes the OSPF configuration.

Syntax• max-metric router-lsa { [on-startup <5-86400>] | [on-shutdown <5-100>]

| [administrative] }

• no max-metric router-lsa

Parameters• on-startup: Automatically advertises stub router-LSA on startup of OSPF router.• <5—86400>: Time (seconds) to advertise self as stub router on startup.• on-shutdown: Advertises stub router prior to the full shutdown of OSPF.• <5—100>: Time (seconds) to advertise self as the stub router on shutdown.• administrative: Administratively applied stub router, for an indefinite period.

Default

No OSPF stub router is configured.

The equivalent CLI commands to configure OSPF stub router are:

! Enter global configuration mode.# configure terminal ! Enable OSPF and enter OSPF router configuration mode.(config)# router ospf ! Configure the router as stub router.(config-router)# max-metric router-lsa administrative


OSPF Stub Router

13 Restarting IP OSPF Process

In a few specific cases, the OSPF routing process may need to restart.

For example, when the OSPF router ID is re-configured, the OSPF process must be restarted for this to takeeffect.

To restart OSPF process, perform the following step.• Click Configuration > OSPF > Configuration, click Clear OSPF Process to restart the OSPF process.

Figure 37 • Clear IP OSPF Process

Note:

Use theOSPF Status page to verify the current settings. Formore information, seeViewingGeneral/Area Status on page 46.


Use the clear ip ospf process command in privileged execution mode to reset the OSPF routingprocess. The original OSPF database is cleared before the latest configuration gets applied.

Syntax• clear ip ospf process

The equivalent CLI commands to clear ip ospf process through CLI are:

! Restart the OSPF routing process.

# clear ip ospf process

Note:

Use the show ip ospf command to verify the current settings. See ViewingGeneral/Area Status on page 46.


Restarting IP OSPF Process

14 OSPF Status

The following sections discuss how to view various OFPS status.

14.1 Viewing General/Area StatusTo view the general/area status, perform the following steps.

1. ClickMonitor > OSPF > Status, the OSPF Global Status page is displayed.

Figure 38 • OSPF General Status

2. ClickMonitor > OSPF > Area, the OSPF Area Status page is displayed.

Figure 39 • OSPF Area Status


Use the show ip ospf command in global execution mode to show the general OSPF and areainformation.

Syntax• show ip ospf


OSPF Status


# show ip ospfRouting Process, with ID 10.10.10.2 Initial SPF schedule delay 200 msecs Minimum hold time between two consecutive SPFs 400 msecs Maximum wait time between two consecutive SPFs 10000 msecs SPF algorithm last executed 00:00:06 ago Minimum LSA interval 5 secs Minimum LSA arrival 1000 msecsNumber of external LSA 2. Checksum Sum 0x00010bf0Number of areas in this router is 2 Area BACKBONE(0.0.0.0) Number of active interfaces in this area is 1 Area has no authentication SPF algorithm executed 5 times Number of LSA 14 Number of router LSA 4. Checksum Sum 0x0002527d Number of network LSA 3. Checksum Sum 0x0000b348 Number of summary LSA 5. Checksum Sum 0x0001a09b Number of ASBR summary LSA 2. Checksum Sum 0x0001709a Number of NSSA LSA 0. Checksum Sum 0x00000000Area ID: 0.0.0.1 Number of active interfaces in this area is 1 It is a NSSA area Perform type-7/type-5 LSA translation NSSA translator state is elected Area has no authentication SPF algorithm executed 2 times Number of LSA 7 Number of router LSA 1. Checksum Sum 0x0000f5fd Number of network LSA 0. Checksum Sum 0x00000000 Number of summary LSA 4. Checksum Sum 0x0001f40f Number of ASBR summary LSA 2. Checksum Sum 0x0000bcc4 Number of NSSA LSA 0. Checksum Sum 0x00000000

14.2 Showing Neighbor StatusTo view the neighbor status, perform the following steps.

1. ClickMonitor > OSPF > Neighbor, the OSPF Neighbor Status page is displayed with OSPF neighborsummary table.

Figure 40 • OSPF Neighbor Status


OSPF Status

2. ClickMonitor >OSPF >Neighbor, and then click a specifiedNeighbor ID link. The correspondingNeighborDetailed Information page with detailed status for the specified neighbor is displayed.

Figure 41 • OSPF Neighbor Detail Status

Use the show ip ospf neighbor command in global execution mode to show all OSPF neighborinformation.

Syntax• show ip ospf neighbor [detail]

Parameters• [detail]: Show detailed information of each neighbor.


# show ip ospf neighborNeighbor ID Pri State Dead Time Address Interface10.9.52.101 1 FULL/DR 33.712sec 10.9.52.101 VLAN 120.1.1.2 1 FULL/DR 36.245sec 20.1.1.2 VLAN 200# show ip ospf neighbor detailNeighbor 10.9.52.101, interface address 10.9.52.101 In the area 0.0.0.0 via interface VLAN 1 Neighbor priority is 1, State is FULL DR ID is 10.9.52.101, DR address is 10.9.52.101 BDR ID is 10.9.52.101, BDR address is 10.9.52.124 Options 18 *|-|-|EA|-|-|E|- Dead timer due in 31.004 secNeighbor 20.1.1.2, interface address 20.1.1.2 In the area 0.0.0.1 via interface VLAN 200 Neighbor priority is 1, State is FULL DR ID is 20.1.1.2, DR address is 20.1.1.2 BDR ID is 20.1.1.2, BDR address is 20.1.1.1 Options 2 *|-|-|-|-|-|E|- Dead timer due in 33.538 sec#

14.3 Viewing Interface StatusTo view the interface status, perform the following step.


OSPF Status

• ClickMonitor > OSPF > Interface, the OSPF Interface Status page is displayed.

Figure 42 • OSPF Interface Status

Use the show ip ospf interface command in the global executionmode to show the specific OSPFinterface information. By default, it shows all OSPF interfaces. VLAN is down is shown when OSPF isnot running on this interface until the interface is up.

Syntax• show ip ospf interface [vlan <vlan_list>]

Parameters• <vlan_list>: The VLAN list can be a single VLAN ID, a range of VLAN IDs (for example, 20–25), a

list of VLAN IDs (for example, 1,3) or a combination (for example, 1,3,20–25)


# show ip ospf interface vlan 1,30,100,200VLAN 1 is up Internet Address 10.9.52.124/24, Area 0.0.0.0 Router ID 10.1.1.1, Cost: 10 Transmit Delay is 1 sec, State BDR, Priority 1 Designated Router (ID) 10.9.52.101, Interface address 10.9.52.101 Backup Designated router (ID) 10.1.1.1, Interface address 10.9.52.124 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 1, Adjacent neighbor count is 1VLAN 30 is down Internet Address 30.1.1.1/24, Area 0.0.0.1 Router ID 10.1.1.1, Cost: 10 Transmit Delay is 1 sec, State DOWN, Priority 1 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0VLAN 100 is up Internet Address 10.1.1.1/24, Area 0.0.0.0 Router ID 10.1.1.1, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 10.1.1.1, Interface address 10.1.1.1 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 No Hellos (Passive interface) Neighbor Count is 0, Adjacent neighbor count is 0VLAN 200 is up Internet Address 20.1.1.1/24, Area 0.0.0.1 Router ID 10.1.1.1, Cost: 10 c Transmit Delay is 1 sec, State BDR, Priority 1 Designated Router (ID) 20.1.1.2, Interface address 20.1.1.2 Backup Designated router (ID) 10.1.1.1, Interface address 20.1.1.1 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:03 Neighbor Count is 1, Adjacent neighbor count is 1#


OSPF Status

14.4 Viewing Route StatusTo view the route status, perform the following step.• ClickMonitor > System > Routing Info. Base, the Routing Information Base page is displayed.

Figure 43 • Route Status

Use the show ip route command in global execution mode to show information about all routes.

Syntax• show ip route


# show ip routeCodes: C - connected, S - static, O - OSPF, * - selected route, D - DHCP installed route

D* 0.0.0.0/0 [254/0] via 10.9.52.200, VLAN 1C* 10.1.1.0/24 is directly connected, VLAN 100O 10.1.1.0/24 [110/10] is directly connected, VLAN 100, 00:07:36 C* 10.9.52.0/24 is directly connected, VLAN 1O 10.9.52.0/24 [110/10] is directly connected, VLAN 1, 00:07:26 C* 20.1.1.0/24 is directly connected, VLAN 200O 20.1.1.0/24 [110/10] is directly connected, VLAN 200, 00:06:53

Connected: Specifies the route was learned as a result of configuring the interfaceStatic: Specifies the route was explicitly configured using the'ip route' commandOSPF: Specifies the route learned through OSPFDHCP: DHCP installed route

14.5 Viewing OSPF Route StatusTo view the route status, perform the following step.


OSPF Status

• ClickMonitor > OSPF > Routing, the OSPF Routing Status page is displayed.

Figure 44 • OSPF Route Status

Use the show ip ospf route command in global execution mode to show the information about allthe routes learned from OSFP. Compared to the route status in the previous section, through OSPF routestatus, user is able to get more OSPF routing information, such as the routes area location: intra-area,inter-area, or the area, outside of the AS. It also tells users how to access the ABRs or ASBRs.

Syntax• show ip ospf route


OSPF Status


# show ip ospf route OSPF Router with ID (0.0.0.4) Codes: i - Intra-area Router Path, I - Inter-area Router Path Intra-area Route List 1.0.1.0/24, Intra, cost 20, area 0.0.0.0 via 1.0.3.3, VLAN 100 1.0.2.0/24, Intra, cost 20, area 0.0.0.0 via 1.0.4.1, VLAN 200 1.0.3.0/24, Intra, cost 10, area 0.0.0.0, Connected VLAN 100 1.0.4.0/24, Intra, cost 10, area 0.0.0.0, Connected VLAN 200 1.0.17.0/24, Intra, cost 20, area 0.0.0.0 via 1.4.14.2, VLAN 300 1.4.14.0/24, Intra, cost 10, area 0.0.0.4, Connected VLAN 300 1.4.15.0/24, Intra, cost 10, area 0.0.0.4, Connected VLAN 400 Inter-area Route List 1.1.7.0/24, Inter, cost 30, area 0.0.0.0 via 1.0.4.1, VLAN 200 1.1.8.0/24, Inter, cost 40, area 0.0.0.0 via 1.0.4.1, VLAN 200 1.1.9.0/24, Inter, cost 30, area 0.0.0.0 via 1.0.4.1, VLAN 200 1.1.10.0/24, Inter, cost 20, area 0.0.0.0 via 1.0.4.1, VLAN 200 1.1.11.0/24, Inter, cost 20, area 0.0.0.0 via 1.0.4.1, VLAN 200 1.2.5.0/24, Inter, cost 30, area 0.0.0.0 via 1.0.3.3, VLAN 100 via 1.0.4.1, VLAN 200 1.2.6.0/24, Inter, cost 30, area 0.0.0.0 via 1.0.3.3, VLAN 100 via 1.0.4.1, VLAN 200 1.3.12.0/24, Inter, cost 20, area 0.0.0.0 via 1.0.3.3, VLAN 100 1.5.16.0/24, Inter, cost 20, area 0.0.0.0 via 1.4.15.1, VLAN 400 Router Path Listi 0.0.0.1 [10] via 1.0.4.1, VLAN 200, ABR, Area 0.0.0.0i 0.0.0.2 [20] via 1.0.3.3, VLAN 100, ABR/ASBR, Area 0.0.0.0i 0.0.0.2 [20] via 1.0.4.1, VLAN 200, ABR/ASBR, Area 0.0.0.0i 0.0.0.3 [10] via 1.0.3.3, VLAN 100, ABR, Area 0.0.0.0I 0.0.0.15 [30] via 1.0.4.1, VLAN 200, ASBR, Area 0.0.0.0i 0.0.0.41 [10] via 1.4.15.1, VLAN 400, ABR, Area 0.0.0.0i 0.0.0.41 [10] via 1.4.15.1, VLAN 400, ABR, Area 0.0.0.4i 0.0.0.42 [10] via 1.4.14.2, VLAN 300, ABR, Area 0.0.0.0i 0.0.0.42 [10] via 1.4.14.2, VLAN 300, ABR, Area 0.0.0.4 External Route List 1.127.1.0/24, Ext1, cost 40 via 1.0.3.3, VLAN 100 via 1.0.4.1, VLAN 200 1.99.1.0/24, Ext2, cost 20, fwd cost 30 via 1.0.4.1, VLAN 200


OSPF Status

15 OSPF Configuration Examples

This section gives some examples of configuring OSPF.

15.1 Single Area (Backbone Area) ExampleThe following illustration depicts a single area topology.

Figure 45 • Single Area Example Topology

Enable OSPF and add the interfaces to the backbone area on each router. For the required configurationfor all routers, see AN1255-usecase1.conf.

15.2 Multiple Area ExampleThe following illustration depicts a multiple area topology.

Figure 46 • Multiple Area Example Topology

This example shows a more complex setup consisting of a.o.:• a stub area• a totally stubby area• an NSSA


OSPF Configuration Examples

https://vitesse.knowledgetree.com/01qw6

• a totally NSSA• virtual link to extend the backbone area• virtual link to connect discontiguous backbone areas• route summarization• route redistribution

For the required configuration for all routers, see AN1255-usecase2.conf.


OSPF Configuration Examples

https://vitesse.knowledgetree.com/01qw7

16 Appendices

The following sections provide additional information about OSPF configuration.

16.1 Unsupported ListThe following lists features not supported in the current WebStaX OSPF software.• No support for multiple OSPF processes/instances• No support for VRF• No support for Policy Based Routing• No support for ECMP• No support for tunnels• No support for VRRP

16.2 Configuration ConsiderationsThere is no standardOSPF guidelines for themaximumnumber of routers in an area or number of neighborsin a network segment. The OSPF process load can be very heavy under a large and complicated network.The following limitations need to be considered when a switch device is placed in an OSPF domain.Table 1 • Limitations

Maximum SupportTopic

1OSPF processes/instances

128OSPF interfaces

1000 fsIngress packet throttling for OSPF control packets

4096Hardware routing entries

16.3 OSPF Commands on Cisco Layer 3 Switch Product (3650/ 3750)The following table lists OSPF commands on a Cisco Layer 3 switch product along with the correspondingWebStaX CLI commands.Table 2 • OSPF Commands on a Cisco Layer 3 Switch

WebStaX (- means the same command)CiscoFeature

• -IP routing • ip routing

OSPF process • [no] router ospf• [no] router ospf process-id[vrf vrf-name]

• -• clear ip ospf

• -OSPF

network area• [no] network ip-address wild-

card-mask area area-id

• -OSPF router ID • [no] router-id ip-address


Appendices


OSPF passive interface • [no] passive-interface• [no] ip ospf passive- interface

{default | vlan <vid_list>}(in VLAN interface configuration mode)

(in router configuration mode)

• -OSPF • [no] ip ospf priority number-valueinterface parameters tuning • -

• -• [no] ip ospf cost interface-cost • -

• [no] ip ospf dead-interval • -{seconds | minimal hello-multiplier multiplier}

• [no] ip ospf hello-intervalseconds

• [no] ip ospf retransmit- inter-val seconds

• -OSPF area authentication • [no] area area-id authentica-tion authentication [message-digest]

OSPF • [no] ip ospf authentication[null | message-digest]

• [no] ip ospf authentication[key-chain name | null |message-digest]

interface authentication

• [no] ip ospf authentication-key {unencrypted <word1-8>| encrypted <word128>}

• [no] ip ospf authentication-key password

•• [no] ip ospf message-digest-key <1-255> md5

[no] ip ospf message-digest-key key-id encryption-typemd5 key {unencrypted <word1-16> |

encrypted <word128>}

OSPF virtual link authentication • [no] area <area_id> virtual-link <router_id> authentica-tion [null | message-digest]

• [no] area area-id virtual-linkrouter-id authentication [key-chain name | null | message-digest] • [no] area <area_id> virtual-

link <router_id> authentica-tion-key

• [no] area area-id virtual-linkrouter-id authentication-keypassword {unencrypted <word1-8> |

encrypted <word128>}• [no] area area-id virtual-linkrouter-idmessage-digest- key • [no] area <area_id> virtual-

link <router_id> message- di-gest-key <1-255> md5

key-id encryption-typemd5key

{unencrypted <word1-16> |encrypted <word128>}

OSPF virtual link •• [no] area <area_id> virtual-link <router_id> [hello- inter-

[no] area area-id virtual-linkrouter-id [hello-interval sec-

val <1-65535>] [retransmit-onds] [retransmit- intervalinterval <1-65535>] [dead-in-terval <1-65535>]

seconds] [dead- interval sec-onds]

[transmit-delay seconds] [ttl-security hops hop- count]

• -OSPF stub area • [no] area area-id stub [no-summary]


Appendices


• -OSPF area range • [no] area area-id range prefix-length [advertise | not-adver-tise] [cost cost]

OSPF virtual link authentication • [no] area <area_id> virtual-link <router_id> authentica-tion [null | message-digest]

• [no] area area-id virtual-linkrouter-id authentication [key-chain name | null | message-digest] • [no] area <area_id> virtual-

link <router_id> authentica-tion-key

• [no] area area-id virtual-linkrouter-id authentication-keypassword {unencrypted <word1-8> |

encrypted <word128>}• [no] area area-id virtual-linkrouter-idmessage-digest- key • [no] area <area_id> virtual-

link <router_id> message- di-key-id encryption-typemd5key gest-key <1-255>md5 {unen-

crypted <word1-16> | en-crypted <word128>}

OSPF virtual link •• [no] area <area_id> virtual-link <router_id> [hello- inter-

[no] area area-id virtual-linkrouter-id [hello-interval sec-

val <1-65535>] [retransmit-onds] [retransmit- intervalinterval <1-65535>] [dead-in-terval <1-65535>]

seconds] [dead- interval sec-onds]

[transmit-delay seconds] [ttl-security hops hop- count]

• -OSPF stub area • [no] area area-id stub [no-summary]

• -OSPF area range • [no] area area-id range prefix-length [advertise | not-adver-tise] [cost cost]

OSPF route redistribution •• [no] redistribute {static |connected} [metric <0-16777214> | metric-type {1 | 2}]

[no] redistribute

{connected | static | bgp |eigrp | isis | iso-igrp |maxi-mum-prefix |mobile

| odr | ospf | ospfv3 | rip |

vrf } [process-id] {level-1

| level-1-2 | level-2} [as-number] [metric {metric- val-ue | transparent}] [metric-type type-value] [match {in-ternal | external 1 | external2}] [tag tag-value] [route-map map-tag] [subnets]

• -OSPF default metric • [no] default-metric metric-value

OSPF status • show ip ospf• show ip ospf [process-id]

• •show ip ospf neighbor [detail][interface-type interface-

show ip ospf neighbor [detail]

• show ip ospf interface [vlan<vlan_list>]number] [ neighbor-id ] [fast-

reroute] [summary [per- in-stance]]


Appendices


• show ip ospf [process-id] in-terface [type number] [brief][multicast] [topology {topol-ogy- name | base}]

16.4 Known IssuesThe following sections discuss the known issues during OSPF configuration.

16.4.1 Link MetricThe link metric value does not match the actual link speed, because the VLAN interfaces represent the L2broadcast domains, which may include more than one physical port. So for example, if the VLAN domainconsists of a 100M, a 1G, and a 10G port, what would be the correct metric for that VLAN interface? Weleave the question unanswered and report it as a known issue for now.

16.4.2 Only the Last Message Digest Key is AppliedUsers can configure multiple message digest keys by giving different key IDs, but only the last one is usedin OSPF authentication. For example, if the user adds keys with ID 6, ID 2, and ID 3 in that order to a specificinterface, the interface will use key ID 3 to authenticate with neighbors.

16.5 Frequently Asked QuestionsThe following sections answer some frequently asked questions and their answers.

16.5.1 Why does the OSPF Adjacency State Continuously Switch Between 'ExStart' and'Exchange'?This situation may be due to the CPU being too busy to handle the OSPF database description packetsarriving from its neighbors.

A possible solution to this is to increase the retransmit interval value to prevent a neighboring switch fromretransmitting the packets, while the switch is currently handling the previous. The following table lists therecommended retransmission intervals as a function of number of OSPF neighbors.

Use command show system cpu status to check the current CPU load and show ip ospfneighbor for the neighbor status.

Table 3 • OSPF Retransmit Interval Adjustment Suggestion

Retransmit Interval SuggestionNumber of OSPF Neighbors

512

1024

1536

2050


Appendices

Microsemi makes no warranty, representation, or guarantee regarding the information containedherein or the suitability of its products and services for any particular purpose, nor doesMicrosemiassume any liability whatsoever arising out of the application or use of any product or circuit. Theproducts sold hereunder and any other products sold by Microsemi have been subject to limitedtesting and should not be used in conjunctionwithmission-critical equipment or applications. Anyperformance specifications are believed to be reliable but are not verified, and Buyermust conductand complete all performance and other testing of the products, alone and together with, orinstalled in, any end-products. Buyer shall not rely on any data and performance specifications orparameters provided by Microsemi. It is the Buyer's responsibility to independently determinesuitability of any products and to test and verify the same. The information provided byMicrosemihereunder is provided "as is, where is" and with all faults, and the entire risk associated with suchinformation is entirely with the Buyer. Microsemi does not grant, explicitly or implicitly, to anyparty any patent rights, licenses, or any other IP rights, whether with regard to such informationitself or anything described by such information. Information provided in this document isproprietary toMicrosemi, andMicrosemi reserves the right tomake any changes to the informationin this document or to any products and services at any time without notice.

Microsemi HeadquartersOne Enterprise, Aliso Viejo,CA 92656 USA

Within the USA: +1 (800) 713-4113Outside the USA: +1 (949) 380-6100Sales: +1 (949) 380-6136Fax: +1 (949) 215-4996Email: [email protected]

© 2019 Microsemi. All rights reserved.Microsemi and the Microsemi logo aretrademarks of Microsemi Corporation. Allother trademarks and service marks are theproperty of their respective owners.

Microsemi, awholly owned subsidiary ofMicrochip Technology Inc. (Nasdaq:MCHP),offers a comprehensive portfolio of semiconductor and system solutions foraerospace&defense, communications, data center and industrialmarkets. Productsinclude high-performance and radiation-hardened analog mixed-signal integratedcircuits, FPGAs, SoCs and ASICs; power management products; timing andsynchronization devices and precise time solutions, setting the world's standardfor time; voice processing devices; RF solutions; discrete components; enterprisestorage and communication solutions; security technologies and scalable anti-tamperproducts; Ethernet solutions; Power-over-Ethernet ICs and midspans; as well ascustom design capabilities and services. Microsemi is headquartered in Aliso Viejo,California, and has approximately 4,800 employees globally. Learn more atwww.microsemi.com.

VPPD-04646


Legal

ospf software configuration guide - microchip...

Documents