Configuring OSPF

Contents

1Overview
1.1Areas
1.2Router Functions
1.3Route Selection Process
1.4Packet Types
1.5Link-State Advertisements
1.6Sham Links
1.7Virtual Links
1.8Passive Mode
1.9OSPFv3

2

Configuration and Operations Tasks
2.1Configuring OSPF
2.2Configuring OSPFv3
2.3OSPF Operations Tasks

3

Configuration Examples
3.1Basic OSPF
3.2Configuring LDP-IGP Synchronization Between LDP and OSPF
3.3OSPF Route Redistribution
3.4OSPFv3 Route Redistribution and Aggregation
3.5MD5 Authentication
3.6Simple Key Chain
Copyright

© Ericsson AB 2009–2011. All rights reserved. No part of this document may be reproduced in any form without the written permission of the copyright owner.

Disclaimer

The contents of this document are subject to revision without notice due to continued progress in methodology, design and manufacturing. Ericsson shall have no liability for any error or damage of any kind resulting from the use of this document.

Trademark List
SmartEdge is a registered trademark of Telefonaktiebolaget LM Ericsson.
NetOp is a trademark of Telefonaktiebolaget LM Ericsson.

1   Overview

This document provides an overview of the Open Shortest Path First (OSPF) and describes the tasks and commands used to configure, monitor, troubleshoot, and administer OSPF features through the SmartEdge® router.

OSPF is an Interior Gateway Protocol (IGP) that uses link-state advertisements (LSAs) to inform other routers of the state of the sender’s links. In a link-state routing protocol, each router distributes information about its interfaces and neighbor relationships. The collection of the link states of individual routers forms a database that describes the autonomous system (AS) topology. As OSPF routers accumulate link-state information, they use the Shortest Path First (SPF) algorithm to calculate the shortest path to each node, which forms the basis for developing routing information for that autonomous system.

Redback Networks supports multiple OSPF features, including those specified in the following IETF drafts and RFCs:

In OSPF, the autonomous system can be hierarchically organized by partitioning it into areas; see Figure 1.

Figure 1   OSPF Hierarchy

Externally derived routes, also called AS-external routes, are routes learned from other routing protocols that are redistributed into the OSPF routing process. These AS-external routes are advertised to all areas, except for stub areas and not-so-stubby-areas (NSSAs). AS-external routes can also be forwarded out to another AS through routers on its boundary.

In-depth information on how OSPF is structured, and how it operates, is described in the following sections.

1.1   Areas

Each area can contain a group of contiguous networks and hosts. An area border router (ABR) communicates routing information between the areas.

Because routers within the same area share the same information, they have identical topological databases. An area’s topology is invisible to entities outside the area. By keeping area topologies separate, OSPF passes less routing traffic than it would if an autonomous system were not partitioned.

Area partitioning creates two different types of OSPF routing, depending on whether the source and destination are in the same or different areas. Intra-area routing occurs when the source and destination are in the same area; inter-area routing occurs when they are in different areas.

The different area types are described in the following sections.

1.1.1   Normal and Backbone

A normal OSPF area, including the backbone area, is distinguished by the fact that it can carry transit traffic, allowing LSAs from outside the autonomous system (type 5 AS-external-LSAs) to be flooded throughout the area. Type 5 AS-external-LSAs can be originated both by routers internal to the area or by ABRs.

Hierarchical organization of an OSPF autonomous system requires one of the areas to be configured as the backbone area. The backbone area is configured with an identity of 0 and must be contiguous, contain all area border routers, and be responsible for distributing routing information to all other nonbackbone areas.

1.1.2   Stub

OSPF also allows some areas to be configured as stub areas. Type 5 AS-external LSAs are not flooded into a stub area, thereby reducing the link state database size and the processor and memory usage of routers inside stub areas. While a stub area cannot propagate routes external to the autonomous system in which it resides, it can propagate a default route, intra-area routes, and inter-area routes. A stub area relies on default routing to forward traffic addressed to external destinations. The backbone area cannot be configured as a stub area.

The SmartEdge router also supports totally-stubby areas which suppress the advertisement of type 3 and 4 LSAs. To create a totally-stubby area, you must enter the area-type stub no-summary command on the border routers of an area.

1.1.3   Not-So-Stubby-Area

Not-so-stubby-areas (NSSAs) are an extension of OSPF stub areas. Their intent is to preserve the properties of a stub area, while allowing limited import of external routes from other routing domains. These routes are imported as Type 7 NSSA-external LSAs, which are flooded only within the NSSA. For propagation of these routes to other areas, type 7 LSAs must be translated into type 5 external LSAs by the NSSA ABR. NSSA ABRs will also advertise a type 7 default route into the NSSA, and can be configured to summarize and to filter the translation of type 7 NSSA-external LSAs into Type 5 external LSAs.

1.2   Router Functions

Depending on its location in the OSPF hierarchy, an OSPF router can provide one or more of the following functions:

1.3   Route Selection Process

A routing table contains all the information necessary to forward an IP packet to a destination. When forwarding an IP data packet, the routing table entry providing the best match for the packet’s IP destination is located. In the case of OSPF, the best path to a destination is determined via the SPF computation performed on the link-state database.

From the link-state database, the router uses the Dijkstra algorithm to construct a tree of shortest paths with itself as root. This shortest-path tree gives the route to each destination in the autonomous system. A separate SPF computation is performed and a different tree is constructed for each area in which the router resides. Externally derived routing information appears on the tree as leaves. OSPF intra-area and inter-area paths are preferred over external paths.

1.4   Packet Types

OSPF runs directly on top of IP (protocol 89). There are five types of packets specified in OSPF:

Each packet includes a common header; see Figure 2.

Figure 2   OSPF Packet Header

The OSPF packet header contains the following fields:

1.5   Link-State Advertisements

Table 1 provides each LSA type and its description.

Table 1    LSA Type and Description

ID

Type

Description

1

Router-LSA

Originated by all routers. Describes the collected states of the router’s interfaces to an area. Flooded throughout a single area only.

2

Network-LSA

Originated by the designated router. Contains the list of routers connected to the network. Flooded throughout a single area only.

3

Summary-LSA (networks)

Flooded throughout a single area only. Describes routes to networks. Each summary LSA describes a route to a destination outside the area, but still inside the autonomous system.

4

Summary-LSA (routers)

Flooded throughout a single area only. Describes routes to ASBRs. Each summary LSA describes a route to a destination outside the area, but still inside the autonomous system.

5

AS-external-LSA

Originated by ASBRs and flooded throughout the autonomous system. Each AS-external LSA describes a route to a destination in another autonomous system. Default routes for the AS can also be described by AS-external LSAs.

7

NSSA-external-LSA

Flooded throughout a single area only. Type 7 LSAs are advertised only within an NSSA. When forwarded outside the NSSA to non-stub areas, Type 7 LSAs are converted into Type 5 LSAs by an ABR configured to perform translation, or by the ABR with the highest router ID. ABRs can be configured to summarize and filter Type 7 LSAs.

9

Link local scope opaque LSA

Type 9 Opaque LSAs are not flooded beyond the local (sub)network.

10

Area local scope opaque LSA

Type 10 Opaque LSAs are not flooded beyond the borders of their associated area.

11

AS scope opaque LSA

The flooding scope of Type 11 LSAs are equivalent to the flooding scope of AS-external (Type 5) LSAs. Specifically, Type 11 Opaque LSAs are:


  • Flooded throughout all transit areas

  • Not flooded into stub areas from the backbone

  • Not originated by routers into their connected stub areas

Note:  
Type 8 LSAs are not supported.

1.6   Sham Links

A sham link is an OSPF adjacency tunneled over a VPN backbone. Sham links allow the VPN backbone path to be preferred when there are intra-area backdoor links between customer edge (CE) routers in the VPN.

The local connected route corresponding to the source IP address for the sham link must be redistributed into BGP and advertised over the VPN infrastructure to a provider edge (PE) router containing the other end of the sham link.

The route corresponding the remote end of the sham link must be redistributed into the corresponding OSPF instance in the VPN context. VPN routing must be enabled for the OSPF instance.

The cost of the sham link can be configured or will inherit the BGP Multi-Exit Discriminator (MED) from the VPN route.

For more information on sham links, see RFC 4577, OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs).

1.7   Virtual Links

The single backbone area (0.0.0.0) cannot be disconnected, or some areas of the autonomous system will become unreachable. To establish and maintain connectivity of the backbone, virtual links can be configured through non-backbone areas. Virtual links serve to connect physically separate components of the backbone. The two endpoints of a virtual link are area border routers. The virtual link must be configured in both routers. The configuration information in each router consists of the other virtual endpoint (the other area border router), and the non-backbone area the two routers have in common, which is called the transit area. Virtual links cannot be configured through stub areas.

The virtual link is treated as if it were an unnumbered point-to-point network belonging to the backbone and joining the two area border routers. An attempt is made to establish an adjacency over the virtual link. When this adjacency is established, the virtual link is included in backbone router LSAs, and OSPF packets pertaining to the backbone area flow over the virtual adjacency.

In each endpoint router, the cost and viability of the virtual link is discovered by examining the routing table entry for the other endpoint router. An InterfaceUp event occurs for a virtual link when its corresponding routing table entry becomes reachable, and an InterfaceDown event occurs when its routing table entry becomes unreachable.

The other details concerning virtual links are as follows:

For more information on virtual links, see RFC 2328, OSPF Version 2.

1.8   Passive Mode

Under normal operation, OSPF sends and receives OSPF packets on an interface, and advertises the interface’s IP subnet as an intra-area stub network in the OSPF routing domain. When OSPF passive mode is enabled, OSPF continues to advertise the interface’s IP subnet, but it does not send OSPF packets and drops all received OSPF packets. OSPF passive mode can be enabled for either of the following:

For more information about configuring OSPF passive mode, see the description for the passive command.

1.9   OSPFv3

OSPF Version 3 (OSPFv3) is the version of OSPF that supports IP Version 6 (IPv6). The fundamental mechanisms of OSPF (flooding, area support, and Shortest Path First [SPF] calculations) remain unchanged in OSPFv3; however, because of changes in protocol semantics between IPv4 and IPv6, or simply to handle the increased address size of IPv6, the following changes have been made in OSPFv3:

OSPFv3 also supports all optional OSPF capabilities, including on-demand circuits, NSSA areas, and multicast extensions.

For a description of IPv6 addressing and the types of IPv6 addresses, see RFC 3513, Internet Protocol Version 6 (IPv6) Addressing Architecture.

For more information on OSPF support for IPV6, see RFC 5340, OSPF for IPv6.

Note:  
When IP Version 6 (IPv6) addresses are not referenced or explicitly specified, the term, IP address, can refer generally to IP Version 4 (IPv4) addresses, IPv6 addresses, or IP addressing. In instances where IPv6 addresses are referenced or explicitly specified, the term, IP address, refers only to IPv4 addresses.

2   Configuration and Operations Tasks

To configure OSPF or OSPFv3, perform the tasks described in the following sections.

Note:  
In this section, the command syntax in the task tables displays only the root command.

2.1   Configuring OSPF

To configure OSPF, perform the tasks described in the sections that follow.

2.1.1   Configure an OSPF Routing Instance

To configure an OSPF routing instance, perform the tasks described in Table 2. Enter all commands in OSPF router configuration mode, unless otherwise noted.

Table 2    Configure an OSPF Routing Instance

Task

Root Command

Notes

Create an OSPF routing instance and enter OSPF router configuration mode.

router ospf

Enter this command in context configuration mode.

Specify that the OSPF interface cost is computed automatically and to configure the reference bandwidth that is used in the interface cost computation.

auto-cost

The interface cost is computed by dividing the reference bandwidth by the interface speed. A cost of one is assigned if the interface speed is greater than the reference bandwidth.


You can override the automatic cost setting on individual interfaces by issuing the cost command in OSPF interface configuration mode. For more information, see Configure an OSPF Interface.

Enable the advertisement of router capabilities using OSPF opaque LSAs.

capabilities

Configure a default metric that is used for redistributed OSPF routes when no metric is specified.

default-metric (OSPF)

Modify the OSPF distance value of one or more of these route types.

distance (OSPF)

The distance value of a route is used to select the preferred route when there are equivalent routes from multiple protocols. When a distance comparison is made the route with the lowest distance is selected. By default, OSPF external, inter-area, and intra-area routes are set to a distance value of 110.

Enable fast convergence for the OSPF instance.

fast-convergence (OSPF)

Use the spf-delay-interval argument to set an SPF delay that is less than one second. When fast convergence is enabled, the spf-delay-interval argument provides an SPF delay with sub-second (millisecond) granularity, and the value for the delay argument of the spf-timers command (in OSPF router configuration mode) is ignored, regardless of whether it has been configured. Otherwise, under normal convergence, the delay argument value (in seconds) is used.


Use the max-spf-count argument to allow additional SPF calculations within the SPF hold time specified by the spf-timers command. Specifying a value greater than zero effectively squeezes additional SPF calculations into the SPF time interval; specifying a value of zero does not allow for squeezing additional SPF calculations into the SPF hold time and returns OSPF to the standard SPF hold time behavior.

Enable OSPF fast LSA origination for an OSPF instance.

fast-lsa-origination

Normally, OSPF originates an LSA every five seconds. Because there can be multiple changes to router or network LSAs during that five-second interval, the five-second LSA origination limit can slow network convergence. When fast LSA origination is enabled, up to four instances of the same LSA can be originated in the same five-second interval.


Likewise, LSA reception is normally rate limited to one new LSA instance per second. LSA instances received in less than one second after the previous LSA instance are dropped. When fast LSA origination is enabled, LSA reception is not restricted to one new instance per second.

Enable graceful restart for an OSPF instance.

graceful-restart (OSPF)

Enables LDP-IGP synchronization between OSPF and LDP.

ldp-igp-synchronization [timeout seconds]

Use the optional timeout seconds construct to set the maximum number of seconds the interface waits before transporting traffic without receiving notification from LDP that label exchange is completed.(1)

Log neighbor transitions to and from the full neighbor adjacency state.

log-neighbor-up-down

Enable the use of MPLS LSPs as intra-area next hops.

mpls shortcuts

Enable the advertisement of OSPF Traffic Engineering (TE) metrics.

mpls traffic-engineering

Originate the default route advertisement in the OSPF routing domain.

originate-default

Configure a fixed OSPF router ID for the SmartEdge router.

router-id (OSPF)

The router ID is used by OSPF to identify the originating router for packets and link-state advertisements (LSAs). If the OSPF router ID is not configured, OSPF chooses the lowest loopback interface address. If there are no loopback interfaces, OSPF chooses the lowest interface address. The default OSPF router ID is selected when OSPF is started initially or restarted using the process restart ospf command in exec mode.

Configure the delay time between the receipt of a topology change and the start of the Shortest Path First (SPF) calculation, and to determine the hold time between two consecutive SPF calculations.

spf-timers

Configure the SmartEdge router as an OSPF stub router.

stub-router

Configure the redistribution of routes into the OSPF routing instance.

For the complete list of tasks used to configure the redistribution of routes into the OSPF routing instance, see Configure the Redistribution of Routes into OSPF.

Configure an OSPF area.

For the complete list of tasks used to configure an OSPF area, see Configure an OSPF Area.

(1)  Use the ldp-igp-synchronization timeout command in LDP configuration mode to set the maximum number of seconds LDP waits before notifying the IGP that label exchange is completed, so that IGP can start advertising the normal metric for the link. See Configuring LDP for more information.


2.1.2   Configure the Redistribution of Routes into OSPF

You can redistribute routes learned from other protocols into the OSPF routing instance, set a limit on the number of routes that can be redistributed into the OSPF routing instance, and set a limit on the number of routes per second that can be redistributed into the OSPF routing instance.

Note:  
IPv6 routes cannot be redistributed into an OSPF routing instance.

To configure the redistribution of routes into the OSPF routing instance, perform the tasks described in Table 3. Enter all commands in OSPF router configuration mode.

Table 3    Configure the Redistribution of Routes into OSPF

Task

Root Command

Notes

Redistribute routes learned from other protocols into the OSPF routing instance.

redistribute (OSPF)

Set a maximum limit on the number of routes that can be redistributed into the specified OSPF instance.

maximum redistribute (OSPF)

Set a maximum limit on the number of routes that can be redistributed per second into the OSPF routing instance.

maximum redistribute-quantum

Summarize external routes that are redistributed into the OSPF routing instance.

summary-address (OSPF)

2.1.3   Configure an OSPF Area

To configure an OSPF area, perform the tasks described in Table 4. Enter all commands in OSPF area configuration mode, unless otherwise noted.

Table 4    Configure an OSPF Area

Task

Root Command

Notes

Create an OSPF area and enter OSPF area configuration mode.

area

Enter this command in OSPF router configuration mode.

Define an OSPF area as a stub area or as an NSSA.

area-type

Change the attributes of a default route originated into a stub area or an NSSA.

default-route

Summarize NSSA routes advertised by an ABR.

nssa-range

Set all interfaces configured in the specified OSPF area to passive mode.

passive

OSPF passive mode disables OSPF interfaces from sending OSPF packets.


Setting all interfaces in an OSPF area to passive mode is useful for large, pure edge aggregation applications, where there may be hundreds, or perhaps thousands, of customer-facing circuits. To distribute routes for the customer-facing interfaces to the upstream routers, you can enable OSPF on the customer-facing interfaces, and then set them all to passive mode using the passive command in OSPF area configuration mode.

Summarize inter-area routes advertised by an ABR.

range

Configure an OSPF interface.

For the complete list of tasks used to configure an OSPF interface, see Configure an OSPF Interface.

Configure an OSPF sham link.

For the complete list of tasks used to configure an OSPF sham link, see Configure an OSPF Sham Link.

Configure an OSPF virtual link.

For the complete list of tasks used to configure an OSPF virtual link, see Configure an OSPF Virtual Link.

2.1.4   Configure an OSPF Interface

To configure an OSPF interface, perform the tasks described in Table 5. Enter all commands in OSPF interface configuration mode, unless otherwise noted.

Table 5    Configure an OSPF Interface

Task

Root Command

Notes

Enable OSPF routing on an interface and enter OSPF interface configuration mode.

interface (OSPF)

Enter this command in OSPF area configuration mode.

Enable authentication and specify the authentication scheme for an OSPF interface.

authentication (OSPF)

Routes within the same area are not required to use the same authentication scheme and key ID; however, if two routers directly exchange updates, they must have the same authentication scheme and key ID.

Block the flooding of LSAs that are not self-originated.

block-flooding

Blocking flooding on an interface can result in inconsistencies between OSPF routers and their respective route tables. Exercise caution before blocking the flooding of LSAs that are not self-originated.

Configure the cost used in SPF computation for the specified OSPF-enabled interface.

cost (OSPF)

The lower the cost, the more likely the interface is to be used to forward data traffic.

Configure OSPF to treat a point-to-point (P2P) or a point-to-multipoint (P2MP) interface as a demand circuit.

demand-circuit

Demand circuits are network segments whose costs vary with usage; charges can be based both on connect time and on bytes or packets transmitted. OSPF routing usually requires a demand circuit’s underlying data-link connection to be constantly open, resulting in unwanted usage charges. Using the demand-circuit command enables OSPF Hello packets and the refresh of OSPF routing information to be suppressed on-demand circuits, allowing the underlying data-link connections to be closed when not carrying traffic.


Hello suppression is not negotiated unless demand circuit support is enabled.

Disable Bidirectional Forwarding Detection (BFD) for an OSPF interface.

disable-bfd (OSPF)

Use the no or default form of this command to reenable BFD on an OSPF interface.

Enable the sending of more than one OSPF Hello packet per second on the interface.

fast-hello

Using this command results in faster OSPF convergence.


The following restrictions apply to this command:


  • After the fast-hello command is configured, you cannot use the hello-interval or router-dead interval commands until the fast-hello command has been disabled.

  • After the hello-interval or router-dead interval command has been configured, you cannot use the fast-hello command until the hello-interval or router-dead interval command has been disabled.

Suppress the periodic LSA refresh in stable topologies.

flood-reduction

If demand circuit operation is implicitly or explicitly enabled, LSAs are flooded as DoNotAge LSAs on the OSPF interface, and will not be reflooded until the network topology changes.

Configure the interval at which OSPF hello packets are sent on the interface.

hello-interval (OSPF)

Enables or disables LDP-IGP synchronization between LDP and OSPF on this particular interface.

ldp-igp-synchronization

When you use the ldp-igp-synchronization command in OSPF router configuration mode, LDP-IGP synchronization between LDP and OSPF is enabled for all interfaces on the router. You can then use the no ldp-igp-synchronization command in OSPF interface configuration mode to disable LDP-IGP synchronization between LDP and OSPF on an individual interface.


Use the ldp-igp-synchronization command in OSPF interface configuration mode to reenable LDP-IGP synchronization between LDP and OSPF on an individual interface that has LDP-IGP synchronization between LDP and OSPF disabled.

Configure an OSPF neighbor.

neighbor (OSPF)

Configure the OSPF network type.

network-type

You can specify any of the following network types:


  • Broadcast network—Broadcast networks support multiple routers and have the ability to address a single physical message to all attached routers.

  • Nonbroadcast multiaccess (NBMA)—A nonbroadcast network, such as frame relay, that simulates an OSPF broadcast network.

  • Point-to-point (P2P) network—A P2P network joins a single pair of routers.

  • Point-to-multipoint (P2MP) network—Acts as though the nonbroadcast network is a collection of P2P links.

Set the OSPF interface to passive mode.

passive

OSPF passive mode disables OSPF interfaces from sending OSPF packets.

Modify the interval at which LSAs are retransmitted in link state update packets on an interface.

retransmit-interval

Modify the amount of time the OSPF routing process waits to receive an OSPF Hello packet from a neighbor before determining that the neighbor is not operational.

router-dead-interval

Modify the OSPF preference value for the SmartEdge router to act as the designated router on the network.

router-priority

Set a delay value, increasing the age of LSAs sent out through the OSPF interface.

transmit-delay

2.1.5   Configure an OSPF Sham Link

To configure an OSPF sham link, perform the tasks described in Table 6. Enter all commands in OSPF sham link configuration mode, unless otherwise noted.

Table 6    Configure an OSPF Sham Link

Task

Root Command

Notes

Create an OSPF adjacency tunneled over a VPN backbone (sham link).

sham-link

Enter this command in OSPF area configuration mode.

Enable authentication and specify the authentication scheme for an OSPF sham link.

authentication (OSPF)

Routes within the same area are not required to use the same authentication scheme and key ID; however, if two routers directly exchange updates, they must have the same authentication scheme and key ID.

Configure the cost used in SPF computation for the an OSPF sham link.

cost (OSPF)

The lower the cost, the more likely the sham link is to be used to forward data traffic.

Configure the interval at which OSPF hello packets are sent out through an OSPF sham link.

hello-interval (OSPF)

Modify the interval at which LSAs are retransmitted in link state update packets on an OSPF sham link.

retransmit-interval

Modify the amount of time the OSPF routing process waits to receive an OSPF Hello packet from a neighbor before determining that the neighbor is not operational.

router-dead-interval

Set a delay value, increasing the age of LSAs sent out through an OSPF sham link.

transmit-delay

2.1.6   Configure an OSPF Virtual Link

To configure an OSPF virtual link, perform the tasks described in Table 7. Enter all commands in OSPF virtual link configuration mode, unless otherwise noted.

Table 7    Configure an OSPF Virtual Link

Task

Root Command

Notes

Create a virtual link through the specified transit area.

virtual-link

Enter this command in OSPF area configuration mode.

Enable authentication and specify the authentication scheme for an OSPF virtual link.

authentication (OSPF)

Routes within the same area are not required to use the same authentication scheme and key ID; however, if two routers directly exchange updates, they must have the same authentication scheme and key ID.

Configure the interval at which OSPF hello packets are sent out through an OSPF virtual link.

hello-interval (OSPF)

Modify the interval at which LSAs are retransmitted in link state update packets on an OSPF virtual link.

retransmit-interval

Modify the amount of time the OSPF routing process waits to receive an OSPF Hello packet from a neighbor before determining that the neighbor is not operational.

router-dead-interval

Set a delay value, increasing the age of LSAs sent out through an OSPF virtual link.

transmit-delay

2.2   Configuring OSPFv3

To configure OSPFv3, perform the tasks described in the following sections.

Note:  
If OSPv3 is configured in a context that has no IPv4 addresses, the context or router interface must be configured with a router ID for OSPFv3 to operated properly.

2.2.1   Configure an OSPFv3 Routing Instance

To configure an OSPFv3 routing instance, perform the tasks described in Table 8. Enter all commands in OSPF3 router configuration mode, unless otherwise noted.

Table 8    Configure an OSPFv3 Routing Instance

Task

Root Command

Notes

Create an OSPFv3 routing instance and enter OSPF3 router configuration mode.

router ospf3

Enter this command in context configuration mode.

Specify that the OSPFv3 interface cost is computed automatically and to configure the reference bandwidth that is used in the interface cost computation.

auto-cost

The interface cost is computed by dividing the reference bandwidth by the interface speed. A cost of one is assigned if the interface speed is greater than the reference bandwidth.


You can override the automatic cost setting on individual interfaces by issuing the cost command in OSPFv3 interface configuration mode. For more information, see Configure an OSPFv3 Interface.

Configure a default metric that is used for redistributed OSPFv3 routes when no metric is specified.

default-metric (OSPF)

Modify the OSPFv3 distance value of one or more of these route types.

distance (OSPF)

The distance value of a route is used to select the preferred route when there are equivalent routes from multiple protocols. When a distance comparison is made the route with the lowest distance is selected. By default, OSPFv3 external, inter-area, and intra-area routes are set to a distance value of 110.

Enable graceful restart for an OSPFv3 instance.

graceful-restart (OSPF)

Log neighbor transitions to and from the full neighbor adjacency state.

log-neighbor-up-down

Originate the default route advertisement in the OSPFv3 routing domain.

originate-default

Configure a fixed OSPFv3 router ID for the SmartEdge router.

router-id (OSPF)

The router ID is used by OSPFv3 to identify the originating router for packets and link-state advertisements (LSAs). If the OSPFv3 router ID is not configured, OSPFv3 chooses the lowest loopback interface address. If there are no loopback interfaces, OSPFv3 chooses the lowest interface address. The default OSPFv3 router ID is selected when OSPFv3 is started initially or restarted using the process restart ospf command in exec mode.

Configure the delay time between the receipt of a topology change and the start of the Shortest Path First (SPF) calculation, and to determine the hold time between two consecutive SPF calculations.

spf-timers

Configure the SmartEdge router as an OSPFv3 stub router.

stub-router

Configure the redistribution of routes into the OSPFv3 routing instance.

For the complete list of tasks used to configure the redistribution of routes into the OSPFv3 routing instance, see OSPFv3 Route Redistribution and Aggregation.

Configure an OSPFv3 area.

For the complete list of tasks used to configure an OSPFv3 area, see Configure an OSPFv3 Area.

2.2.2   Configure the Redistribution of Routes into OSPFv3

You can redistribute routes learned from other protocols into the OSPFv3 routing instance, set a limit on the number of routes that can be redistributed into the OSPFv3 routing instance, and set a limit on the number of routes per second that can be redistributed into the OSPFv3 routing instance.

Note:  
IPv4 routes cannot be redistributed into an OSPFv3 routing instance.

To configure the redistribution of routes into the OSPFv3 routing instance, perform the tasks described in Table 9. Enter all commands in OSPF3 router configuration mode.

Table 9    Configure the Redistribution of Routes into OSPFv3

Task

Root Command

Redistribute routes learned from other protocols into the OSPFv3 routing instance.

redistribute (OSPFv3)

Set a maximum limit on the number of routes that can be redistributed into the specified OSPFv3 instance.

maximum redistribute (OSPF)

Set a maximum limit on the number of routes that can be redistributed per second into the OSPFv3 routing instance.

maximum redistribute-quantum

Summarize external routes that are redistributed into the OSPFv3 routing instance.

summary-address (OSPF)

2.2.3   Configure an OSPFv3 Area

To configure an OSPFv3 area, perform the tasks described in Table 10. Enter all commands in OSPF3 area configuration mode, unless otherwise noted.

Table 10    Configure an OSPFv3 Area

Task

Root Command

Notes

Create an OSPFv3 area and enter OSPF3 area configuration mode.

area

Enter this command in OSPF3 router configuration mode.

Define an OSPFv3 area as a stub area or as an NSSA.

area-type

Change the attributes of a default route originated into a stub area or an NSSA.

default-route

Summarize NSSA routes advertised by an ABR.

nssa-range

Summarize inter-area routes advertised by an ABR.

range

Configure an OSPFv3 interface.

For the complete list of tasks used to configure an OSPFv3 interface, see Configure an OSPFv3 Interface.

2.2.4   Configure an OSPFv3 Interface

To configure an OSPFv3 interface, perform the tasks described in Table 11. Enter all commands in OSPF3 interface configuration mode, unless otherwise noted.

Table 11    Configure an OSPFv3 Interface

Task

Root Command

Notes

Enable OSPFv3 routing on an interface and enter OSPF3 interface configuration mode.

interface (OSPF)

Enter this command in OSPF3 area configuration mode.

Block the flooding of LSAs that are not self-originated.

block-flooding

Blocking flooding on an interface can result in inconsistencies between OSPFv3 routers and their respective route tables. Exercise caution before blocking the flooding of LSAs that are not self-originated.

Configure the cost used in SPF computation for the specified OSPFv3-enabled interface.

cost (OSPF)

The lower the cost, the more likely the interface is to be used to forward data traffic.

Configure OSPFv3 to treat a P2P or a P2MP interface as a demand circuit.

demand-circuit

Demand circuits are network segments whose costs vary with usage; charges can be based both on connect time and on bytes or packets transmitted. OSPFv3 routing usually requires a demand circuit’s underlying data-link connection to be constantly open, resulting in unwanted usage charges. Using the demand-circuit command enables OSPFv3 Hello packets and the refresh of OSPFv3 routing information to be suppressed on-demand circuits, allowing the underlying data-link connections to be closed when not carrying traffic.


Hello suppression is not negotiated unless demand circuit support is enabled.

Suppress the periodic LSA refresh in stable topologies.

flood-reduction

If demand circuit operation is implicitly or explicitly enabled, LSAs are flooded as DoNotAge LSAs on the OSPFv3 interface, and will not be reflooded until the network topology changes.

Configure the interval at which OSPFv3 hello packets are sent on the interface.

hello-interval (OSPF)

Configure an OSPFv3 neighbor.

neighbor (OSPF)

Configure the OSPFv3 network type.

network-type

You can specify any of the following network types:


  • Broadcast network—Broadcast networks support multiple routers and have the ability to address a single physical message to all attached routers.

  • Nonbroadcast multiaccess (NBMA)—A nonbroadcast network, such as frame relay, that simulates an OSPFv3 broadcast network.

  • Point-to-point (P2P) network—A P2P network joins a single pair of routers.

Set the OSPFv3 interface to passive mode.

passive

OSPF passive mode disables OSPFv3 interfaces from sending OSPF packets.

Modify the interval at which LSAs are retransmitted in link-state update packets on an interface.

retransmit-interval

Modify the amount of time the OSPFv3 routing process waits to receive an OSPFv3 Hello packet from a neighbor before determining that the neighbor is not operational.

router-dead-interval

Modify the OSPFv3 preference value for the SmartEdge router to act as the designated router on the network.

router-priority

Set a delay value, increasing the age of LSAs sent out through the OSPFv3 interface.

transmit-delay

2.2.5   Configure an OSPFv3 Virtual Link

To configure an OSPFv3 virtual link, perform the tasks described in Table 12. Enter all commands in OSPF3 virtual link configuration mode, unless otherwise noted.

Table 12    Configure an OSPFv3 Virtual Link

Task

Root Command

Notes

Create an OSPFv3 virtual link through the specified transit area.

virtual-link

Enter this command in OSPF3 area configuration mode.

Configure the interval at which OSPFv3 hello packets are sent out through an OSPFv3 virtual link.

hello-interval (OSPF)

Modify the interval at which LSAs are retransmitted in link state update packets on an OSPFv3 virtual link.

retransmit-interval

Modify the amount of time the OSPFv3 routing process waits to receive an OSPFv3 Hello packet from a neighbor before determining that the neighbor is not operational.

router-dead-interval

Set a delay value, increasing the age of LSAs sent out through an OSPFv3 virtual link.

transmit-delay

2.3   OSPF Operations Tasks

To manage OSPF and OSPFv3 functions, perform the appropriate tasks described in Table 13. Enter the show commands in any mode; enter the clear, debug, and monitor commands in exec mode.

Table 13    OSPF and OSPFv3 Operations Tasks

Task

Root Command

Clear OSPF neighbor adjacencies, routes redistributed into OSPF, all routes, or statistics.

clear ospf

Enable the generation of debug messages for all OSPF events.

debug ospf

Enable the generation of debug messages for OSPF flooding events.

debug ospf flooding

Enable the generation of debug messages for a specific OSPF interface.

debug ospf interface

Enable the generation of debug messages for OSPF LSDB events.

debug ospf lsdb

Enable the generation of debug messages for OSPF neighbor events.

debug ospf neighbor

Enable the generation of debug messages for OSPF packet events.

debug ospf packet

Enable the generation of debug messages for interactions between OSPF and the Router Configuration Manager (RCM).

debug ospf rcm

Enable the generation of debug messages for OSPF redistribution events.

debug ospf redistribution

Enable the generation of debug messages for interactions between OSPF and the Routing Information Base (RIB).

debug ospf rib

Enable the generation of debug messages for OSPF SPF calculations.

debug ospf spf

Display continuously updated information about OSPF interfaces.

monitor ospf interface

Display continuously updated information about OSPF neighbors.

monitor ospf neighbor

Display continuously updated information about the most recent OSPF SPF calculation.

monitor ospf spf last

Display continuously updated information about OSPF statistics.

monitor ospf statistics

Display the current OSPF configuration information for the current context.

show configuration ospf

Display high-level information for all OSPF instances, or optionally, for a specific OSPF instance.

show ospf

Display OSPF area information.

show ospf area

Display OSPF ABR and ASBR information.

show ospf border-routers

Display information stored in the OSPF link-state database (LSDB).

show ospf database

Display information about OSPF advertising router LSAs.

show ospf database advertising-router

Display information about OSPF opaque Type 10 link-state advertisements (LSAs).

show ospf database area-scope-opaque

Display information about OSPF opaque Type 11 LSAs.

show ospf database as-scope-opaque

Display a count, grouped by type, of OSPF LSAs.

show ospf database database-summary

Display information about OSPF Type 5 AS external LSAs.

show ospf database external

Display information about the OSPF interface LSD.

show ospf database interface

Display information about OSPF opaque Type 9 Shortest Path First (SPF).

show ospf database link-scope-opaque

Display information about OSPF network LSAs.

show ospf database network

Display information about OSPF not-so-stubby-area (NSSA) LSAs.

show ospf database nssa

Display information about OSPF router LSAs.

show ospf database router

Display information about OSPF Type 4 summary autonomous system boundary routers (ASBRs) and other OSPFv3 routers.

show ospf database summary-asbr

Display information about OSPF Type 3 summary network LSAs.

show ospf database summary-network

Display the OSPF debug settings that have been enabled.

show ospf debug

Display OSPF interface information.

show ospf interface

Display OSPF neighbor information.

show ospf neighbor

Display OSPF route information.

show ospf route

Display OSPF SPF computation information.

show ospf route vpn

Display OSPF statistics.

show ospf statistics

Display OSPF summary address information.

show ospf summary-address

Display high-level information for all OSPFv3 instances, or optionally, for a specific instance.

show ospf3

Display information about OSPFv3 areas.

show ospf3 area

Display routes to ASBRs and other OSPFv3 routers.

show ospf3 asbr

Display information stored in the OSPFv3 LSD.

show ospf3 database

Display information about OSPFv3 advertising router LSAs.

show ospf3 database advertising-router

Display information about OSPFv3 grace LSA database entries.

show ospf3 database grace

Display information about OSPFv3 inter-area prefix LSA database entries.

show ospf3 database inter-prefix

Display information about OSPFv3 inter-area router LSA database entries.

show ospf3 database inter-router

Display information about OSPFv3 intra-area prefix LSA database entries.

show ospf3 database intra-prefix

Display information about OSPFv3 link LSAs.

show ospf3 database link

Display information about OSPFv3 network LSAs.

show ospf3 database network

Display information about OSPFv3 NSSA LSAs.

show ospf3 database nssa

Display information about OSPFv3 router LSAs.

show ospf3 database router

Display OSPFv3 debug information.

show ospf3 debug

Display OSPFv3 interface information.

show ospf3 interface

Display OSPFv3 intra-RIB information.

show ospf3 intra-rib

Display OSPFv3 malform log information.

show ospf3 malform

Display OSPFv3 neighbor information.

show ospf3 neighbor

Display OSPFv3 route information.

show ospf3 route

Display OSPFv3 SPF calculation statistics.

show ospf3 spf

Display OSPFv3 statistics.

show ospf3 statistics

Display OSPFv3 summary address information.

show ospf3 summary-address

3   Configuration Examples

The sections that follow provide OSPF configuration examples.

Figure 3 illustrates the base OSPF topology for the examples provided in this section.

Figure 3   OSPF Topology

3.1   Basic OSPF

This section contains the basic OSPF configuration for the three routers, R1, R2, and R3, illustrated in Figure 3. Examples in proceeding sections contain only the configuration sections different from the examples here.

The basic configuration for R1 is as follows. Because no router ID is explicitly configured, the loopback address is used as the OSPF router ID for R1:

[local]R1(config)#context local 

[local]R1(config-ctx)#ip domain-lookup 

[local]R1(config-ctx)#interface one 

[local]R1(config-if)#ip address 193.4.5.2/16 

[local]R1(config-if)#exit 

[local]R1(config-ctx)#interface two 

[local]R1(config-if)#ip address 10.1.1.1/16 

[local]R1(config-if)#exit 

[local]R1(config-ctx)#interface three 

[local]R1(config-if)#ip address 10.3.1.1/16 

[local]R1(config-if)#exit 

[local]R1(config-ctx)#interface lo1 loopback 

[local]R1(config-if)#ip address 193.10.25.7/32 

[local]R1(config-if)#exit 

[local]R1(config-ctx)#router ospf 1 

[local]R1(config-ospf)#area 0.0.0.0 

[local]R1(config-ospf-area)#interface 193.4.5.2 

[local]R1(config-ospf-if)#exit 

[local]R1(config-ospf-area)#interface 193.10.25.7 

[local]R1(config-ospf-area)#exit 

[local]R1(config-ospf)#area 0.0.0.1 

[local]R1(config-ospf-area)#interface two 

[local]R1(config-ospf-if)#exit 

[local]R1(config-ospf-area)#interface three 

[local]R1(config-ospf-if)#exit 

[local]R1(config-ospf-area)#exit 

[local]R1(config-ospf)#exit 

[local]R1(config-ctx)#exit 

[local]R1(config)#port pos 5/1 

[local]R1(config-port)#bind interface one local 

[local]R1(config-port)#no shutdown 

[local]R1(config-port)#exit 

[local]R1(config)#port pos 5/2 

[local]R1(config-port)#bind interface two local 

[local]R1(config-port)#no shutdown 

[local]R1(config-port)#exit 

[local]R1(config)#port pos 5/3 

[local]R1(config-port)#bind interface three local 

[local]R1(config-port)#no shutdown 

The basic configuration for R2 is as follows:

[local]R2(config)#context local 

[local]R2(config-ctx)#ip domain-lookup 

[local]R2(config-ctx)#interface one 

[local]R2(config-if)#ip address 10.1.2.2/16 

[local]R2(config-if)#exit 

[local]R2(config-ctx)#interface two 

[local]R2(config-if)#ip address 10.2.1.1/16 

[local]R2(config-if)#exit 

[local]R2(config-ctx)#router ospf 1 

[local]R2(config-ospf)#router-id 22.22.22.22 

[local]R2(config-ospf)#area 0.0.0.1 

[local]R2(config-ospf-area)#interface 10.1.2.2 

[local]R2(config-ospf-if)#exit 

[local]R2(config-ospf-area)#interface 10.2.1.1 

[local]R2(config-ospf-if)#exit 

[local]R2(config-ospf-area)#exit 

[local]R2(config-ospf)#exit 

[local]R2(config-ctx)#exit 

[local]R2(config)#port pos 3/1 

[local]R2(config-port)#bind interface one local 

[local]R2(config-port)#no shutdown 

[local]R2(config-port)#exit 

[local]R2(config)#port ethernet 4/1 

[local]R2(config-port)#bind interface two local 

[local]R2(config-port)#no shutdown 

The basic configuration for R3 is as follows:

[local]R3(config)#context local 

[local]R3(config-ctx)#ip domain-lookup 

[local]R3(config-ctx)#interface one 

[local]R3(config-if)#ip address 10.3.2.2/16 

[local]R3(config-if)#exit 

[local]R3(config-ctx)#interface two 

[local]R3(config-if)#ip address 10.2.2.2/16 

[local]R3(config-if)#exit 

[local]R3(config-ctx)#interface three 

[local]R3(config-if)#ip address 20.1.1.1/24 

[local]R3(config-if)#exit 

[local]R3(config-ctx)#router ospf 1 

[local]R3(config-ospf)#router-id 33.33.33.33 

[local]R3(config-ospf)#area 0.0.0.0 

[local]R3(config-ospf-area)#interface 20.1.1.1 

[local]R3(config-ospf-if)#exit 

[local]R3(config-ospf-area)#exit 

[local]R3(config-ospf)#area 0.0.0.1 

[local]R3(config-ospf-area)#interface 10.2.2.2 

[local]R3(config-ospf-if)#exit 

[local]R3(config-ospf-area)#interface 10.3.2.2 

[local]R3(config-ospf-if)#exit 

[local]R3(config-ospf-area)#exit 

[local]R3(config-ospf)#exit 

[local]R3(config-ctx)#exit 

[local]R3(config)#port pos 3/1 

[local]R3(config-port)#bind interface one local 

[local]R3(config-port)#no shutdown 

[local]R3(config-port)#exit 

[local]R3(config)#port ethernet 1/1 

[local]R3(config-port)#bind interface two local 

[local]R3(config-port)#no shutdown 

[local]R3(config-port)#exit 

[local]R3(config)#port pos 3/2 

[local]R3(config-port)#bind interface three local 

[local]R3(config-port)#no shutdown 

3.2   Configuring LDP-IGP Synchronization Between LDP and OSPF

The following example illustrates how to configure LDP-IGP synchronization between LDP and OSPF. In this example, the user enables LDP-IGP synchronization between LDP and OSPF on all interfaces configured in the context called OSPF1. The user then disables LDP-IGP synchronization with OSPF on one particular interface, called ospf-int-1. Finally, the user sets the maximum number of seconds LDP waits before notifying OSPF that label exchange is completed to10 seconds:

Enable LDP-IGP synchronization with OSPF on all interfaces configured
on the router:


[local]Redback(config)#context OSPF1 

[local]Redback(config-ctx)#router ospf 1 

[local]Redback(config-ospf)#ldp-igp-synchronization timeout 1000 


Disable LDP-IGP synchronization with OSPF on the interface ospf-int-1:


[local]Redback(config-ospf)#area 0.0.0.0

[local]Redback(config-ospf-area)#interface ospf-int-1 

[local]Redback(config-ospf-if)#no ldp-igp-synchronization


Set the maximum number of seconds LDP waits before notifying OSPF that label
exchange is completed to 10 seconds:


[local]Redback(config-ospf-if)#exit

[local]Redback(config-ospf-area)#exit 

[local]Redback(config-ospf)#exit

[local]Redback(config-ctx)#ldp 

[local]Redback(config-ldp)#ldp-igp synchronization timeout 10 

3.3   OSPF Route Redistribution

The following example illustrates how to redistribute static routes into the OSPF routing instance and how to modify the attributes of the redistributed routes. Only the routes matching the 122-nets-only IP prefix list are selected for redistribution. These routes are 122.1.1.0/24, 122.1.2.0/24, and 122.1.3.0/24. Once redistributed to OSPF, the routes are advertised with metric type 1 and metric value of 500. All modifications are accomplished by using the route map, static-to-ospf:

[local]Redback(config)#context local 

[local]Redback(config-ctx)#ip domain-lookup 

[local]Redback(config-ctx)#interface one 

[local]Redback(config-if)#ip address 10.1.2.2/16 

[local]Redback(config-if)#exit 

[local]Redback(config-ctx)#interface two 

[local]Redback(config-if)#ip address 10.2.1.1/16 

[local]Redback(config-if)#exit 

[local]Redback(config-ctx)#interface three 

[local]Redback(config-if)#ip address 10.5.1.1/30 

[local]Redback(config-if)#exit 

[local]Redback(config-ctx)#router ospf 1 

[local]Redback(config-ospf)#router-id 22.22.22.22 

[local]Redback(config-ospf)#area 0.0.0.1 

[local]Redback(config-ospf-area)#interface 10.1.2.2 

[local]Redback(config-ospf-if)#exit 

[local]Redback(config-ospf-area)#interface 10.2.1.1 

[local]Redback(config-ospf-if)#exit 

[local]Redback(config-ospf-area)#exit 

[local]Redback(config-ospf)#redistribute static route-map static-to-ospf 

[local]Redback(config-ospf)#exit 

[local]Redback(config-ctx)#ip prefix-list 122-nets-only 

[local]Redback(config-prefix-list)#seq 10 permit 122.0.0.0/8 le 24 

[local]Redback(config-prefix-list)#seq 20 deny 0.0.0.0/0 

[local]Redback(config-prefix-list)#exit

[local]Redback(config-ctx)#route-map static-to-ospf permit 10 

[local]Redback(config-route-map)#match ip address prefix-list 122-nets-only 

[local]Redback(config-route-map)#set metric 500 

[local]Redback(config-route-map)#set metric-type type-1 

[local]Redback(config-route-map)#exit

[local]Redback(config-ctx)#ip route 50.0.0.0/8 three 

[local]Redback(config-ctx)#ip route 121.1.1.0/24 three 

[local]Redback(config-ctx)#ip route 121.1.2.0/24 three 

[local]Redback(config-ctx)#ip route 121.1.3.0/24 three 

[local]Redback(config-ctx)#ip route 121.1.5.0/24 three 

[local]Redback(config-ctx)#ip route 122.1.1.0/24 three 

[local]Redback(config-ctx)#ip route 122.1.2.0/24 three 

[local]Redback(config-ctx)#ip route 122.1.3.0/24 three 

[local]Redback(config-ctx)#exit 

[local]Redback(config)#port pos 3/1 

[local]Redback(config-port)#bind interface one local 

[local]Redback(config-port)#no shutdown 

[local]Redback(config-port)#exit 

[local]Redback(config)#port ethernet 4/1 

[local]Redback(config-port)#bind interface two local 

[local]Redback(config-port)#no shutdown 

[local]Redback(config-port)#exit 

[local]Redback(config)#port pos 3/2 

[local]Redback(config-port)#bind interface three local 

[local]Redback(config-port)#no shutdown 

3.4   OSPFv3 Route Redistribution and Aggregation

The following example configures route redistribution and aggregation for an OSPFv3 routing instance. First, configure a list of aggregate IP prefixes:

[local]Router(config-ctx)#ipv6 prefix-list test1-aggregate
[local]Router(config-ipv6-prefix-list)#seq 10 permit 4001:101:101:106::/64 ge 64
[local]Router(config-ipv6-prefix-list)#seq 20 permit 5001:101:101:106::/64 ge 64
[local]Router(config-ipv6-prefix-list)#seq 30 permit 6001:101:101:106::/64 ge 64
[local]Router(config-ipv6-prefix-list)#seq 40 permit 7001:101:101:106::/64 ge 64
[local]Router(config-ipv6-prefix-list)#seq 50 permit 2001:101:101::/48 ge 48

Next, configure a route map called test1 that aggregates the IPv6 prefixes in the aggregate prefix list called test1-aggregate:

[local]Router(config-ctx)#route-map test1 permit 10
[local]Router(config-route-map)#match ipv6 address prefix-list test1-aggregate
[local]Router(config-route-map)#set ipv6 aggregate test1-aggregate

Specify that routes selected for redistribution are summarized only if they contain any of the prefixes specified in the IPv6 prefix list called test1:

[local]Redback(config-ctx)#router ospf3 1
[local]Redback(config-ospf3)#redistribute subscriber static route-map test1

Configure the static routes. In this example, the routes match the aggregate prefix 2001:101:101::/48:

[local]Redback(config-ctx)#ipv6 route 2001:101:101:303::/64 80::2
[local]Redback(config-ctx)#ipv6 route 2001:101:101:304::/64 80::2
[local]Redback(config-ctx)#ipv6 route 2001:101:101:305::/64 80::2
[local]Redback(config-ctx)#ipv6 route 2001:101:101:306::/64 80::2
[local]Redback(config-ctx)#ipv6 route 2001:101:101:307::/64 80::2
Note:  
When an IP prefix list is used for aggregation, the ge and le parameters (configured with the seq command) are ignored and the prefix list entries match any route subsumed by the prefix. In such cases, the ge parameter is implicit.

3.5   MD5 Authentication

The following example shows how to use MD5 to provide authentication between two routers. Authentication is only configured at the interface level. A different type of authentication can be used on each interface and no area configuration is required.

The configuration for SE1 is as follows:

[local]SE1(config-ctx)#router ospf 1 

[local]SE1(config-ospf)#area 0.0.0.0 

[local]SE1(config-ospf-area)#interface 193.4.5.2 

[local]SE1(config-ospf-if)#exit 

[local]SE1(config)#interface 193.10.25.7 

[local]SE1(config-ospf-if)#exit 

[local]SE1(config-ospf-area)#exit 

[local]SE1(config-ospf)#area 0.0.0.1 

[local]SE1(config-ospf-area)#interface two 

[local]SE1(config-ospf-if)#authentication md5 ospf-key-chain 

[local]SE1(config-ospf-if)#exit 

[local]SE1(config-ospf-area)#interface three 

The configuration for SE2 is as follows:

[local]SE2(config-ctx)#router ospf 1 

[local]SE2(config-ospf)#router-id 22.22.22.22 

[local]SE2(config-ospf)#area 0.0.0.1 

[local]SE2(config-ospf-area)#interface 10.1.2.2 

[local]SE2(config-ospf-if)#authentication md5 ospf-key-chain 

[local]SE2(config-ospf-if)#exit 

[local]SE2(config-ospf-area)#interface 10.2.1.1 

3.6   Simple Key Chain

This example shows how key chain lifetimes can be used to non-disruptively switch from one key string to another. OSPF always sends the key with the most recent send-lifetime start time which is not greater than the current time. It accepts any key whose accept lifetime value includes the current time.

The configuration for both SE1 and SE2 is as follows:

[local]Redback(config-ctx)#key-chain ospf-key-chain key-id 1 

[local]Redback(config-key-chain)#key-string secret 

[local]Redback(config-key-chain)#accept-lifetime 2001:09:07:00:00:00 
2002:09:07:12:00:00 

[local]Redback(config-key-chain)#send-lifetime 2001:09:07:00:00:00 
2002:09:07:08:00:00 

[local]Redback(config-key-chain)#exit 

[local]Redback(config-ctx)#key-chain ospf-key-chain key-id 2 

[local]Redback(config-key-chain)#key-string psst 

[local]Redback(config-key-chain)#accept-lifetime 2002:09:07:00:00:00 
2003:09:07:12:00:00 

[local]Redback(config-key-chain)#send-lifetime 2002:09:07:08:00:00 
2003:09:07:07:00:00