Онлайн-демонстрация
Связаться с нами
5.3. Configuring OSPF
Overview
Function Introduction
OSPF is an Interior Gateway Protocol (IGP) designed expressly for IP networks, supporting IP subnet ting and tagging of externally derived routing information. OSPF also allows packet authentication and uses IP multicast when sending and receiving packets.
The implementation conforms to the OSPF Version 2 specifications with these key features:
Definition of stub areas is supported. Routes learned through any IP routing protocol can be redistributed into another IP routing protocol. At the intradomain level, this means that OSPF can import routes learned through RIP. OSPF routes can also be exported into RIP.
Plain text and MD5 authentication among neighboring routers within an area is supported: Configurable routing interface parameters include interface output cost, retransmission interval, interface transmit delay, router priority, router dead and hello intervals, and authentication key.
OSPF typically requires coordination among many internal routers, area border routers (ABRs) connected to multiple areas, and autonomous system boundary routers (ASBRs). The minimum configuration would use all default parameter values, no authentication and no interfaces assigned to areas. If you customize your environment, you must ensure coordinated configuration of all routers.
Principle Description
Reference to RFC 2328
Configuration
Basic OSPF Parameters Configuration
step 1 Enter the configure mode
Switch# configure terminal
step 2 Configure the Routing process and associate the network with a specified OSPF area
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-router)# quit
Note:use the following command to delete the routing process.
Switch(config)# no router ospf 100
step 3 Exit the configure mode
Switch(config)# end
step 4 Validation
Switch# show ip protocols
Routing Protocol is "ospf 100"
Redistributing:
Routing for Networks:
10.10.10.0/24
Distance: (default is 110)
Enabling OSPF on an Interface
This example shows the minimum configuration required for enabling OSPF on an interface Switch1 and 2 are two routers in Area 0 connecting to network 10.10.10.0/24
Configure one interface so that it belongs to only one area. However, you can configure different interfaces on a router to belong to different areas.
step 1 Enter the configure mode
Switch# configure terminal
step 2 Enter the interface configure mode, set the attributes and ip address
Configure on Switch1:
Switch(config)# interface eth-0-9
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.10/24
Switch(config-if)# exit
Configure on Switch2:
Switch(config)# interface eth-0-9
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.11/24
Switch(config-if)# exit
step 3 Configure the Routing process and associate the network with a specified OSPF area
Configure on Switch1:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Configure on Switch2:
Switch(config)# router ospf 200
Switch(config-router)# network 10.10.10.0/24 area 0
Note: To using OSPF among two devices which are directly connected, the area IDs must be same. The ospf process IDs can be same or different.
step 4 Exit the configure mode
Switch(config-router)# end
step 5 Validation
Use the following command to display the database of ospf:
Switch# show ip ospf database
OSPF Router with ID (10.10.10.10) (Process ID 100)
Router Link States (Area 0)
Link ID ADV Router Age Seq CkSum Link count
10.10.10.10 10.10.10.10 26 0x80000006 0x1499 1
10.10.10.11 10.10.10.11 27 0x80000003 0x1895 1
Net Link States (Area 0)
Link ID ADV Router Age Seq CkSum
10.10.10.10 10.10.10.10 26 0x80000001 0xdfd8
Use the following command to display the interface of OSPF:
Switch# show ip ospf interface
eth-0-9 is up, line protocol is up
Internet Address 10.10.10.10/24, Area 0, MTU 1500
Process ID 100, Router ID 10.10.10.10, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1, TE Metric 1
Designated Router (ID) 10.10.10.10, Interface Address 10.10.10.10
Backup Designated Router (ID) 10.10.10.11, Interface Address 10.10.10.11
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:06
Neighbor Count is 1, Adjacent neighbor count is 1
Crypt Sequence Number is 1527047183
Hello received 25 sent 576, DD received 4 sent 4
LS-Req received 1 sent 1, LS-Upd received 3 sent 3
LS-Ack received 2 sent 2, Discarded 0
Use the following command to display the neighbor of OSPF:
Switch1
Switch# show ip ospf neighbor
OSPF process 100:
Neighbor ID Pri State Dead Time Address Interface
10.10.10.11 1 Full/Backup 00:00:33 10.10.10.11 eth-0-9
Switch2
Switch# show ip ospf neighbor
OSPF process 200:
Neighbor ID Pri State Dead Time Address Interface
10.10.10.10 1 Full/DR 00:00:33 10.10.10.10 eth-0-9
Use the following command to display the ospf routes:
Switch# show ip ospf route
OSPF process 100:
Codes: C - connected, D - Discard, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
C 10.10.10.0/24 [1] is directly connected, eth-0-9, Area 0
Configuring Priority
This example shows the configuration for setting the priority for an interface You can set a high priority for a router to make it the Designated Router (DR). Router Switch3 is configured to have a priority of 10, which is higher than the default priority (default priority is 1) of Switch1 and 2; making it the DR.
step 1 Enter the configure mode
Switch# configure terminal
step 2 Enter the interface configure mode, set the attributes and ip address
Configure on Switch1:
Switch(config)# interface eth-0-17
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.10/24
Switch(config-if)# quit
Configure on Switch2:
Switch(config)# interface eth-0-13
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.11/24
Switch(config-if)# quit
Configure on Switch3:
Switch(config)# interface eth-0-9
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.13/24
Switch(config-if)# quit
Configure on L2 Switch:
Switch(config)# interface eth-0-9
Switch(config-if)# no shutdown
Switch(config-if)# quit
Switch(config)# interface eth-0-13
Switch(config-if)# no shutdown
Switch(config-if)# quit
Switch(config)# interface eth-0-17
Switch(config-if)# no shutdown
Switch(config-if)# quit
step 3 Specify the router priority
Configure on Switch3:
Switch(config)# interface eth-0-9
Switch(config-if)# ip ospf priority 10
Switch(config-if)# quit
step 4 Configure the Routing process and associate the network with a specified OSPF area
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-if)# quit
step 5 Exit the configure mode
Switch(config)# end
step 6 Validation
Use the following command to display the neighbor of ospf:
Switch1
Switch# show ip ospf neighbor
OSPF process 100:
Neighbor ID Pri State Dead Time Address Interface
10.10.10.11 1 Full/Backup 00:00:31 10.10.10.11 eth-0-17
10.10.10.13 10 Full/DR 00:00:38 10.10.10.13 eth-0-17
Switch2
Switch# show ip ospf neighbor
OSPF process 100:
Neighbor ID Pri State Dead Time Address Interface
10.10.10.10 1 Full/DROther 00:00:39 10.10.10.10 eth-0-13
10.10.10.13 10 Full/DR 00:00:32 10.10.10.13 eth-0-13
Switch3
Switch# show ip ospf neighbor
OSPF process 100:
Neighbor ID Pri State Dead Time Address Interface
10.10.10.10 1 Full/DROther 00:00:37 10.10.10.10 eth-0-9
10.10.10.11 1 Full/Backup 00:00:32 10.10.10.11 eth-0-9
Use the following command to display the interface of ospf:
Switch1:
Switch# show ip ospf interface
eth-0-17 is up, line protocol is up
Internet Address 10.10.10.10/24, Area 0, MTU 1500
Process ID 100, Router ID 10.10.10.10, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DROther, Priority 1, TE Metric 1
Designated Router (ID) 10.10.10.13, Interface Address 10.10.10.13
Backup Designated Router (ID) 10.10.10.11, Interface Address 10.10.10.11
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:10
Neighbor Count is 2, Adjacent neighbor count is 2
Crypt Sequence Number is 1527056133
Hello received 106 sent 54, DD received 8 sent 9
LS-Req received 2 sent 3, LS-Upd received 8 sent 5
LS-Ack received 9 sent 5, Discarded 3
Switch2:
Switch# show ip ospf interface
eth-0-13 is up, line protocol is up
Internet Address 10.10.10.11/24, Area 0, MTU 1500
Process ID 100, Router ID 10.10.10.11, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State Backup, Priority 1, TE Metric 1
Designated Router (ID) 10.10.10.13, Interface Address 10.10.10.13
Backup Designated Router (ID) 10.10.10.11, Interface Address 10.10.10.11
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:10
Neighbor Count is 2, Adjacent neighbor count is 2
Crypt Sequence Number is 1527056130
Hello received 110 sent 56, DD received 8 sent 7
LS-Req received 3 sent 2, LS-Upd received 12 sent 6
LS-Ack received 11 sent 8, Discarded 0
Switch3:
Switch# show ip ospf interface
eth-0-9 is up, line protocol is up
Internet Address 10.10.10.13/24, Area 0, MTU 1500
Process ID 100, Router ID 10.10.10.13, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 10, TE Metric 1
Designated Router (ID) 10.10.10.13, Interface Address 10.10.10.13
Backup Designated Router (ID) 10.10.10.11, Interface Address 10.10.10.11
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:01
Neighbor Count is 2, Adjacent neighbor count is 2
Crypt Sequence Number is 1527056127
Hello received 32 sent 16, DD received 9 sent 9
LS-Req received 2 sent 2, LS-Upd received 11 sent 8
LS-Ack received 10 sent 8, Discarded 0
Configuring OSPF Area Parameters
You can optionally configure several OSPF area parameters. These parameters include authentication for password-based protection against unauthorized access to an area and stub areas. Stub areas are areas into which information on external routes is not sent. Instead, the area border router (ABR) generates a default external route into the stub area for destinations outside the autonomous system (AS).
Route summarization is the consolidation of advertised addresses into a
single summary route to be advertised by other areas. If network numbers
are contiguous, you can use the area range router configuration command
to configure the ABR to advertise a summary route that covers all
networks in the range.
step 1 Enter the configure mode
Switch# configure terminal
step 2 Enter the interface configure mode, set the attributes and ip address
Configure on Switch1:
Switch(config)# interface eth-0-17
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.10/24
Switch(config-if)# quit
Configure on Switch2:
Switch(config)# interface eth-0-13
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.11/24
Switch(config-if)# quit
Switch(config)# interface eth-0-21
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.11.11/24
Switch(config-if)# quit
Configure on Switch3:
Switch(config)# interface eth-0-9
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.13/24
Switch(config-if)# quit
Configure on Switch4:
Switch(config)# interface eth-0-21
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.11.12/24
Switch(config-if)# quit
Configure on L2 Switch:
Switch(config)# interface eth-0-9
Switch(config-if)# no shutdown
Switch(config-if)# quit
Switch(config)# interface eth-0-13
Switch(config-if)# no shutdown
Switch(config-if)# quit
Switch(config)# interface eth-0-17
Switch(config-if)# no shutdown
Switch(config-if)# quit
step 3 Set the ospf priority on the interface
Configure on Switch3:
Switch(config)# interface eth-0-9
Switch(config-if)# ip ospf priority 10
Switch(config-if)# quit
step 4 Configure the Routing process and associate the network with a specified OSPF area
Configure on Switch1:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-router)# quit
Configure on Switch2:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-router)# network 10.10.11.0/24 area 1
Switch(config-router)# area 0 range 10.10.10.0/24
Switch(config-router)# area 1 stub no-summary
Switch(config-router)# quit
Configure on Switch3:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-router)# quit
Configure on Switch4:
Switch(config)# router ospf 200
Switch(config-router)# network 10.10.11.0/24 area 1
Switch(config-router)# area 1 stub no-summary
Switch(config-router)# quit
step 5 Exit the configure mode
Switch(config)# end
step 6 Validation
Use the following command to display the ospf routes:
Switch1
Switch# show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
Dc - DHCP Client
[*] - [AD/Metric]
* - candidate default
C 10.10.10.0/24 is directly connected, eth-0-17
C 10.10.10.10/32 is in local loopback, eth-0-17
O IA 10.10.11.0/24 [110/2] via 10.10.10.11, eth-0-17, 00:00:04
Switch2
Switch# show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
Dc - DHCP Client
[*] - [AD/Metric]
* - candidate default
C 10.10.10.0/24 is directly connected, eth-0-13
C 10.10.10.11/32 is in local loopback, eth-0-13
C 10.10.11.0/24 is directly connected, eth-0-21
C 10.10.11.11/32 is in local loopback, eth-0-21
Switch3
Switch# show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
Dc - DHCP Client
[*] - [AD/Metric]
* - candidate default
C 10.10.10.0/24 is directly connected, eth-0-9
C 10.10.10.13/32 is in local loopback, eth-0-9
O IA 10.10.11.0/24 [110/2] via 10.10.10.11, eth-0-9, 00:06:29
Switch4
Switch# show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
Dc - DHCP Client
[*] - [AD/Metric]
* - candidate default
Gateway of last resort is 10.10.11.11 to network 0.0.0.0
O*IA 0.0.0.0/0 [110/2] via 10.10.11.11, eth-0-21, 00:12:46
C 10.10.10.0/24 is directly connected, eth-0-21
C 10.10.10.12/32 is in local loopback, eth-0-21
Redistributing Routes into OSPF
In this example the configuration causes RIP routes to be imported into the OSPF routing table and advertised as Type 5 External LSAs into Area 0.
step 1 Enter the configure mode
Switch# configure terminal
step 2 Enter the interface configure mode, set the attributes and ip address
Configure on Switch1:
Switch(config)# interface eth-0-17
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.10/24
Switch(config-if)# quit
Configure on Switch2:
Switch(config)# interface eth-0-13
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.11/24
Switch(config-if)# quit
Switch(config)# interface eth-0-21
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.11.11/24
Switch(config-if)# quit
Configure on Switch3:
Switch(config)# interface eth-0-9
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.10.13/24
Switch(config-if)# quit
Configure on Switch4:
Switch(config)# interface eth-0-21
Switch(config-if)# no switchport
Switch(config-if)# no shutdown
Switch(config-if)# ip address 10.10.11.12/24
Switch(config-if)# quit
Switch(config)# interface loopback 0
Switch(config-if)# ip address 1.1.1.1/32
Switch(config-if)# quit
Configure on L2 Switch:
Switch(config)# interface eth-0-9
Switch(config-if)# no shutdown
Switch(config-if)# quit
Switch(config)# interface eth-0-13
Switch(config-if)# no shutdown
Switch(config-if)# quit
Switch(config)# interface eth-0-17
Switch(config-if)# no shutdown
Switch(config-if)# quit
step 3 Set the ospf priority on the interface
Configure on Switch3:
Switch(config)# interface eth-0-9
Switch(config-if)# ip ospf priority 10
Switch(config-if)# quit
step 4 Configure the Routing process and associate the network with a specified OSPF area
Configure on Switch1:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-router)# quit
Configure on Switch2:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-router)# redistribute connected
Switch(config-router)# redistribute rip
Switch(config-router)# quit
Configure on Switch3:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-router)# quit
step 5 Enable RIP routing process and associate networks
Configure on Switch2:
Switch(config)# router rip
Switch(config-router)# network 10.10.11.0/24
Switch(config-router)# redistribute connected
Switch(config-router)# quit
Configure on Switch4:
Switch(config)# router rip
Switch(config-router)# network 10.10.11.0/24
Switch(config-router)# network 1.1.1.1/32
Switch(config-router)# redistribute connected
Switch(config-router)# quit
step 6 Exit the configure mode
Switch(config)# end
step 6 Validation
Use the following command to display the ospf routes:
Switch1:
Switch# show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
Dc - DHCP Client
[*] - [AD/Metric]
* - candidate default
O E2 1.1.1.1/32 [110/20] via 10.10.10.11, eth-0-17, 00:01:54
C 10.10.10.0/24 is directly connected, eth-0-17
C 10.10.10.10/32 is in local loopback, eth-0-17
O E2 10.10.11.0/24 [110/20] via 10.10.10.11, eth-0-17, 00:03:49
Switch2:
Switch# show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
Dc - DHCP Client
[*] - [AD/Metric]
* - candidate default
R 1.1.1.1/32 [120/2] via 10.10.11.12, eth-0-21, 00:02:27
C 10.10.10.0/24 is directly connected, eth-0-13
C 10.10.10.11/32 is in local loopback, eth-0-13
C 10.10.11.0/24 is directly connected, eth-0-21
C 10.10.11.11/32 is in local loopback, eth-0-21
Switch3:
Switch# show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
Dc - DHCP Client
[*] - [AD/Metric]
* - candidate default
O E2 1.1.1.1/32 [110/20] via 10.10.10.11, eth-0-9, 00:03:01
C 10.10.10.0/24 is directly connected, eth-0-9
C 10.10.10.13/32 is in local loopback, eth-0-9
O E2 10.10.11.0/24 [110/20] via 10.10.10.11, eth-0-9, 00:04:57
Switch4:
Switch# show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
Dc - DHCP Client
[*] - [AD/Metric]
* - candidate default
C 1.1.1.1/32 is directly connected, loopback0
R 10.10.10.0/24 [120/2] via 10.10.11.11, eth-0-21, 00:17:36
C 10.10.11.0/24 is directly connected, eth-0-21
C 10.10.11.12/32 is in local loopback, eth-0-21
Use the following command to display the database of ospf:
Switch1:
Switch# show ip ospf database external
OSPF Router with ID (10.10.10.10) (Process ID 100)
AS External Link States
LS age: 317
Options: 0x2 (*--E|-)
LS Type: AS-external-LSA
Link State ID: 1.1.1.1 (External Network Number)
Advertising Router: 10.10.10.11
LS Seq Number: 80000001
Checksum: 0x4a47
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
LS age: 438
Options: 0x2 (*--E|-)
LS Type: AS-external-LSA
Link State ID: 10.10.11.0 (External Network Number)
Advertising Router: 10.10.10.11
LS Seq Number: 80000001
Checksum: 0x0472
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
Switch2:
Switch# show ip ospf database external
OSPF Router with ID (10.10.10.11) (Process ID 100)
AS External Link States
LS age: 367
Options: 0x2 (*--E|-)
LS Type: AS-external-LSA
Link State ID: 1.1.1.1 (External Network Number)
Advertising Router: 10.10.10.11
LS Seq Number: 80000001
Checksum: 0x4a47
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
LS age: 487
Options: 0x2 (*--E|-)
LS Type: AS-external-LSA
Link State ID: 10.10.11.0 (External Network Number)
Advertising Router: 10.10.10.11
LS Seq Number: 80000001
Checksum: 0x0472
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
Switch3:
Switch# show ip ospf database external
OSPF Router with ID (10.10.10.13) (Process ID 100)
AS External Link States
LS age: 396
Options: 0x2 (*--E|-)
LS Type: AS-external-LSA
Link State ID: 1.1.1.1 (External Network Number)
Advertising Router: 10.10.10.11
LS Seq Number: 80000001
Checksum: 0x4a47
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
LS age: 517
Options: 0x2 (*--E|-)
LS Type: AS-external-LSA
Link State ID: 10.10.11.0 (External Network Number)
Advertising Router: 10.10.10.11
LS Seq Number: 80000001
Checksum: 0x0472
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
OSPF Cost
You can make a route the preferred route by changing its cost. In this example, cost has been configured to make Switch2 the next hop for Switch1.
The default cost on each interface is 1(1000M speed). Interface eth2 on Switch2 has a cost of 100 and interface eth2 on Switch3 has a cost of 150. The total cost to reach (Switch4 network 10.10.14.0) through Switch2 and Switch3:
Switch2: 1+1+100 = 102
Switch3: 1+1+150 = 152
Therefore, Switch1 chooses Switch2 as its next hop for destination Switch4.
step 1 Enter the configure mode
Switch# configure terminal
step 2 Enter the interface configure mode, set the attributes and ip address. Set the ospf cost under the interface configure mode
Configure on Switch1:
Switch(config)# interface eth-0-1
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.10.1/24
Switch(config-if)# exit
Switch(config)# interface eth-0-2
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.12.1/24
Switch(config-if)# exit
Configure on Switch2:
Switch(config)# interface eth-0-1
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.10.2/24
Switch(config-if)# exit
Switch(config)# interface eth-0-2
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.11.2/24
Switch(config-if)# ip ospf cost 100
Switch(config-if)# exit
Configure on Switch3:
Switch(config)# interface eth-0-1
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.12.2/24
Switch(config-if)# exit
Switch(config)# interface eth-0-2
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.13.2/24
Switch(config-if)# ip ospf cost 150
Switch(config-if)# exit
Configure on Switch4:
Switch(config)# interface eth-0-1
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.11.1/24
Switch(config-if)# exit
Switch(config)# interface eth-0-2
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.13.1/24
Switch(config-if)# exit
Switch(config)# interface eth-0-3
Switch(config-if)# no switchport
Switch(config-if)# ip address 10.10.14.1/24
Switch(config-if)# exit
step 3 Configure the Routing process and associate the network with a specified OSPF area
Configure on Switch1:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-router)# network 10.10.12.0/24 area 0
Switch(config-router)# exit
Configure on Switch2:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.10.0/24 area 0
Switch(config-router)# network 10.10.11.0/24 area 0
Switch(config-router)# exit
Configure on Switch3:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.12.0/24 area 0
Switch(config-router)# network 10.10.13.0/24 area 0
Switch(config-router)# exit
Configure on Switch4:
Switch(config)# router ospf 100
Switch(config-router)# network 10.10.11.0/24 area 0
Switch(config-router)# network 10.10.13.0/24 area 0
Switch(config-router)# network 10.10.14.0/24 area 0
Switch(config-router)# exit
step 4 Exit the configure mode
Switch(config)# end
step 5 Validation
Use the following command to display the ospf routes:
Switch1:
Switch# show ip ospf route
OSPF process 0:
Codes: C - connected, D - Discard, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
C 10.10.10.0/24 [1] is directly connected, eth-0-1, Area 0
O 10.10.11.0/24 [101] via 10.10.10.2, eth-0-1, Area 0
C 10.10.12.0/24 [1] is directly connected, eth-0-2, Area 0
O 10.10.13.0/24 [102] via 10.10.10.2, eth-0-1, Area 0
O 10.10.14.0/24 [102] via 10.10.10.2, eth-0-1, Area 0
Switch2:
Switch# show ip ospf route
OSPF process 100:
Codes: C - connected, D - Discard, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
C 10.10.10.0/24 [10] is directly connected, eth-0-1, Area 0
C 10.10.11.0/24 [100] is directly connected, eth-0-2, Area 0
O 10.10.12.0/24 [11] via 10.10.10.1, eth-0-1, Area 0
O 10.10.13.0/24 [101] via 10.10.11.1, eth-0-2, Area 0
O 10.10.14.0/24 [101] via 10.10.11.1, eth-0-2, Area 0
Switch3:
Switch# show ip ospf route
OSPF process 100:
Codes: C - connected, D - Discard, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
O 10.10.10.0/24 [1] via 10.10.12.1, eth-0-1, Area 0
O 10.10.11.0/24 [101] via 10.10.12.1, eth-0-1, Area 0
C 10.10.12.0/24 [1] is directly connected, eth-0-1, Area 0
O 10.10.13.0/24 [102] via 10.10.12.1, eth-0-1, Area 0
O 10.10.14.0/24 [102] via 10.10.12.1, eth-0-1, Area 0
Switch4:
Switch# show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
[*] - [AD/Metric]
* - candidate default
O 10.10.10.0/24 [110/1] via 10.10.11.2, eth-0-1, 00:06:27
C 10.10.11.0/24 is directly connected, eth-0-1
O 10.10.12.0/24 [110/1] via 10.10.13.2, eth-0-2, 00:06:17
C 10.10.13.0/24 is directly connected, eth-0-2
C 10.10.14.0/24 is directly connected, eth-0-3
Configuring OSPF authentications
In our implementation there are three types of OSPF authentications: Null authentication (Type 0), Simple Text (Type 1) authentication and MD5 (Type 2) authentication. With null authentication, routing exchanges over the network are not authenticated. In Simple Text authentication, the authentication type is the same for all routers that communicate using OSPF in a network. For MD5 authentication, you configure a key and a key-id on each router. The router generates a message digest on the basis of the key, key ID and the OSPF packet and adds it to the OSPF packet.
The Authentication type can be configured on a per-interface basis or a per-area basis. Additionally, Interface and Area authentication can be used together. Area authentication is used for an area and interface authentication is used for a specific interface in the area. If the Interface authentication type is different from Area authentication type, Interface authentication type overrides the Area authentication type. If the Authentication type is not specified for an interface, the Authentication type for the area is used. The authentication command descriptions contain details of each type of authentication. Refer to the OSPF Command Reference for OSPF authentication commands.
In the example below, Switch1 and B are configured for both the interface and area authentications. The authentication type of interface eth-0-9 on Switch1 and interface eth-0-9 on Switch2 is null authentication mode The authentication type of interface eth-0-1 on Switch2 and interface eth-0-1 on Switch3 is simple authentication mode The authentication type of interface eth-0-2 on Switch3 and interface eth-0-2 on Switch4 is MD5 authentication mode in area1, if you define area 1 authentication type first, you needn’t define interface authentication type, only define authentication key value.
step 1 Enter the configure mode
Switch# configure terminal
step 2 Enter the interface configure mode, set the attributes and ip address. Set the ospf authentication under the interface configure mode
Configure on Switch1:
Switch(config)# interface eth-0-9
Switch(config-if)# no switchport
Switch(config-if)# ip address 9.9.9.1/24
Switch(config-if)# ip ospf authentication
Switch(config-if)# ip ospf authentication null
Switch(config-if)# exit
Configure on Switch2:
Switch(config)# interface eth-0-1
Switch(config-if)# no switchport
Switch(config-if)# ip address 1.1.1.1/24
Switch(config-if)# ip ospf authentication
Switch(config-if)# ip ospf authentication-key test
Switch(config-if)# exit
Switch(config)# interface eth-0-9
Switch(config-if)# no switchport
Switch(config-if)# ip address 9.9.9.2/24
Switch(config-if)# ip ospf authentication
Switch(config-if)# ip ospf authentication null
Switch(config-if)# exit
Configure on Switch3:
Switch(config)# interface eth-0-2
Switch(config-if)# no switchport
Switch(config-if)# ip address 2.2.2.1/24
Switch(config-if)# ip ospf message-digest-key 2 md5 ospf
Switch(config-if)# exit
Switch(config)# interface eth-0-1
Switch(config-if)# no switchport
Switch(config-if)# ip address 1.1.1.2/24
Switch(config-if)# ip ospf authentication
Switch(config-if)# ip ospf authentication-key test
Switch(config-if)# exit
Configure on Switch4:
Switch(config)# interface eth-0-2
Switch(config-if)# no switchport
Switch(config-if)# ip address 2.2.2.2/24
Switch(config-if)# ip ospf message-digest-key 2 md5 ospf
Switch(config-if)# exit
step 3 Configure the Routing process and associate the network with a specified OSPF area
Configure on Switch1:
Switch(config)# router ospf
Switch(config-router)# network 9.9.9.0/24 area 0
Switch(config-router)# exit
Configure on Switch2:
Switch(config)# router ospf
Switch(config-router)# network 9.9.9.0/24 area 0
Switch(config-router)# network 1.1.1.0/24 area 0
Switch(config-router)# exit
Configure on Switch3:
Switch(config)# router ospf
Switch(config-router)# area 1 authentication message-digest
Switch(config-router)# network 2.2.2.0/24 area 1
Switch(config-router)# network 1.1.1.0/24 area 0
Switch(config-router)# exit
Configure on Switch4:
Switch(config)# router ospf
Switch(config-router)# area 1 authentication message-digest
Switch(config-router)# network 2.2.2.0/24 area 1
Switch(config-router)# exit
step 4 Exit the configure mode
Switch(config)# end
step 5 Validation
Use the following command to display the neighbor of OSPF:
Switch1
Switch# show ip ospf neighbor
OSPF process 0:
Neighbor ID Pri State Dead Time Address Interface
9.9.9.2 1 Full/DR 00:00:38 9.9.9.2 eth-0-9
Switch2
Switch# show ip ospf neighbor
OSPF process 0:
Neighbor ID Pri State Dead Time Address Interface
2.2.2.1 1 Full/Backup 00:00:35 1.1.1.2 eth-0-1
1.1.1.1 1 Full/Backup 00:00:38 9.9.9.1 eth-0-9
Switch3
Switch# show ip ospf neighbor
OSPF process 0:
Neighbor ID Pri State Dead Time Address Interface
9.9.9.2 1 Full/DR 00:00:35 1.1.1.1 eth-0-1
2.2.2.2 1 Full/DR 00:00:38 2.2.2.2 eth-0-2
Switch4
Switch# show ip ospf neighbor
OSPF process 0:
Neighbor ID Pri State Dead Time Address Interface
2.2.2.1 1 Full/Backup 00:00:35 2.2.2.1 eth-0-2
Use the following command to display the interface of OSPF:
Switch3
Switch# show ip ospf interface
eth-0-1 is up, line protocol is up
Internet Address 1.1.1.2/24, Area 0, MTU 1500
Process ID 0, Router ID 2.2.2.1, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State Backup, Priority 1, TE Metric 1
Designated Router (ID) 9.9.9.2, Interface Address 1.1.1.1
Backup Designated Router (ID) 2.2.2.1, Interface Address 1.1.1.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:01
Neighbor Count is 1, Adjacent neighbor count is 1
Crypt Sequence Number is 1301244696
Hello received 385 sent 384, DD received 3 sent 5
LS-Req received 1 sent 1, LS-Upd received 11 sent 14
LS-Ack received 12 sent 10, Discarded 1
Simple password authentication enabled
Use the following command to display the protocol state of ospf process:
Switch3
Switch# show ip ospf
Routing Process "ospf 0" with ID 2.2.2.1
Process uptime is 1 hour 7 minutes
Process bound to VRF default
Conforms to RFC2328, and RFC1583 Compatibility flag is disabled
Supports only single TOS(TOS0) routes
Supports opaque LSA
This router is an ABR, ABR Type is Alternative Cisco (RFC3509)
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Refresh timer 10 secs
Number of incomming current DD exchange neighbors 0/5
Number of outgoing current DD exchange neighbors 0/5
Number of external LSA 0. Checksum 0x000000
Number of opaque AS LSA 0. Checksum 0x000000
Number of non-default external LSA 0
External LSA database is unlimited.
Number of LSA originated 17
Number of LSA received 57
Number of areas attached to this router: 2
Area 0 (BACKBONE)
Number of interfaces in this area is 1(1)
Number of fully adjacent neighbors in this area is 1
Area has no authentication
SPF algorithm last executed 01:06:56.340 ago
SPF algorithm executed 16 times
Number of LSA 6. Checksum 0x034b09
Area 1
Number of interfaces in this area is 1(1)
Number of fully adjacent neighbors in this area is 1
Number of fully adjacent virtual neighbors through this area is 0
Area has message digest authentication
SPF algorithm last executed 00:03:29.430 ago
SPF algorithm executed 17 times
Number of LSA 5. Checksum 0x0230e3
Application cases
N/A
Configuring OSPF authentications password encryption
When we configure the OSPF authentication, the authentication-key is simple words. Thus, the authentication-key is shown as simple words in system. In order to increase the safety of our system, the OSPF authentication-key is shown as encryption words. Additionally, the system now supports configuring OSPF authentication with encryption words.
Simple Password
step 1 Enter the configure mode
Switch# configure terminal
step 2 Enter the interface configure mode, set the attributes and ip address. Set the ospf authentication under the interface configure mode and simple password
Switch(config)# interface eth-0-9
Switch(config-if)# no switchport
Switch(config-if)# ip address 9.9.9.1/24
Switch(config-if)# ip ospf authentication
Switch(config-if)# ip ospf authentication-key test
Switch(config-if)# exit
step 3 Enter the configure mode, translate to encryption password and show it
Switch(config)# service password-encryption
Switch(config)# show running-config
!
service password-encryption
!
interface eth-0-9
no switchport
ip address 9.9.9.1/24
ip ospf authentication-key 8 af0443346357baf8
!
step 4 Disable the function of showing encryption password, delete the old authentication-key and set new one, then show the password
Switch(config)# no service password-encryption
Switch(config)# interface eth-0-9
Switch(config-if)# no ip ospf authentication-key
Switch(config-if)# ip ospf authentication-key test123
Switch(config-if)# exit
Switch(config)# show running-config
!
no service password-encryption
!
interface eth-0-9
no switchport
ip address 9.9.9.1/24
ip ospf authentication-key test123
!
step 5 Configuring OSPF encryption password
Switch(config)# interface eth-0-9
Switch(config-if)# no ip ospf authentication-key
Switch(config-if)# ip ospf authentication-key 8 af0443346357baf8
Switch(config-if)# exit
Switch(config)# show running-config
!
no service password-encryption
!
interface eth-0-9
no switchport
ip address 9.9.9.1/24
ip ospf authentication-key test123
!
MD5 Password
step 1 Enter the configure mode
Switch# configure terminal
step 2 Enter the interface configure mode, set the attributes and ip address. Set the ospf authentication under the interface configure mode and simple password
Switch(config)# interface eth-0-9
Switch(config-if)# no switchport
Switch(config-if)# ip address 9.9.9.1/24
Switch(config-if)# ip ospf authentication message-digest
Switch(config-if)# ip ospf message-digest-key 1 md5 ospf
Switch(config-if)# exit
step 3 Enter the configure mode, translate to encryption password and show it
Switch(config)# service password-encryption
Switch(config)# show running-config
!
service password-encryption
!
interface eth-0-9
no switchport
ip address 9.9.9.1/24
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 8 1f0276567f2db31f
!
step 4 Disable the function of showing encryption password, delete the old authentication-key and set new one, then show the password
Switch(config)# no service password-encryption
Switch(config)# interface eth-0-9
Switch(config-if)# no ip ospf message-digest-key 1
Switch(config-if)# ip ospf message-digest-key 1 md5 ospf123
Switch(config-if)# exit
Switch(config)# show running-config
!
no service password-encryption
!
interface eth-0-9
no switchport
ip address 9.9.9.1/24
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 ospf123
!
step 5 Configuring OSPF encryption password
Switch(config)# interface eth-0-9
Switch(config-if)# no ip ospf message-digest-key 1
Switch(config-if)# ip ospf message-digest-key 1 md5 8 1f0276567f2db31f
Switch(config-if)# exit
Switch(config)# show running-config
!
no service password-encryption
!
interface eth-0-9
no switchport
ip address 9.9.9.1/24
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 8 1f0276567f2db31f
!