OSPF Configuration

To configure OSPF using CLI, use the following command:

Admin@nodename# set network virtual-router <virtual-router-name> ospf

Provide the following OSPF router parameters:

Parameter

Description

enabled

Enable/disable an OSPF router:

  • on

  • off

router-id

Router IP address. Must be unique and specified in IPv4 format (for convenience, it can match one of the IP addresses assigned to the UserGate network interfaces that belong to this virtual router).

If the OSPF is disabled (enabled off), the router-id value can be deleted (none).

metric

Redistributed route metric.

default-originate

Notify other routers that this router has a default route configured:

  • on

  • off

interfaces

Select one of the existing interfaces on which OSPF will run. Only the interfaces belonging to this virtual router are available for selection.

To add an interface or change parameters for an existing interface, use the following commands:

Admin@nodename# set network virtual-router <virtual-router-name> ospf interfaces new Admin@nodename# set network virtual-router <virtual-router-name> ospf interfaces <interface-name>

Next, specify the following parameters:

  • enabled <on | off>: enable/disable the interface.

  • interface: name of the interface in this virtual router.

  • description: interface description.

  • bfd: Add a bfd profile (Bidirectional Forwarding Detection). Bfd profiles are created in the element library, read more in the Configuring Libraries section.

  • cost: interface link cost. This value is reported in the LSA (link-state advertisement) to the neighboring routers which use it to compute the shortest path. Default value: 1.

  • priority: an integer from 0 to 255. The higher the value, the higher the probability that this router will become the network's designated router for sending out LSAs. A value of 0 excludes the router from being designated. Default value: 1.

  • network-type: select a network type to optimize the adjacency establishment process. Available values:

    • none: not specified

    • bc: broadcast

    • ptm: point to multipoint

    • ptp: point to point

  • passive-mode <on | off>: enable/disable the passive operating mode of the interface, in which routing protocol update packets are prohibited from being sent through the interface.

  • hello-interval: time between sending hello packets (in seconds). This should be the same for all routers in an autonomous system. The default value is 10 seconds.

  • dead-interval: time after which the router is considered offline (in seconds). The time is counted from the moment of receiving the last hello packet from the neighboring router. The default value is 40 seconds.

  • retransmit-interval: time before the LSA packet is retransmitted (in seconds). The default value is 5 seconds.

  • transmit-delay: approximate time required to deliver link state updates to neighbor routers (in seconds). The default value is 1 second.

  • authentication: authentication type. Available values:

    • enabled <on | off>: enable/disable mandatory authentication for each OSPF message received by the router. Authentication is normally used to prevent the injection of a fake route from illegitimate routers.

    • auth-type: select the authentication type as plain (transmit the key as plain text to authenticate routers) or digest (use an MD5 hash of the key to authenticate OSPF packets).

    • md5: the key ID.

    • key: the key. A key can only contain Latin letters, numbers, and the underscore. Maximum length: 16 characters.

areas

Configuring the OSPF area.

To add a new area or change parameters for an existing one, use the following commands:

Admin@nodename# set network virtual-router <virtual-router-name> ospf areas new Admin@nodename# set network virtual-router <virtual-router-name> ospf areas <area-name>

Next, specify the following parameters:

  • enabled <on | off>: enable/disable the area.

  • name: area name.

  • description: area description.

  • cost: cost of the LSAs announced in the stub area.

  • area-id: zone ID (area ID). The ID can be specified in decimal format or IP address record format. The area ID must match to establish an OSPF adjacency.

  • auth-type: authentication type. Available values:

    • none: do not require OSPF packet authentication.

    • plain: transmit the key as plain text to authenticate OSPF packets. The key specified in the interface settings is used.

    • digest: use an MD5 hash of the key to authenticate OSPF packets. The key specified in the interface settings is used.

    The interface-level authentication takes precedence over zone-level authentication.

  • area-type: OSPF area type. Available types:

    • normal: normal zone, created by default. This zone receives link updates, summary routes, and external routes.

    • nssa: a Not-So-Stubby Area defines an additional LSA type, which is LSA type 7. A boundary router (ASBR) can be located in the NSSA zone.

    • stub: a stub area. Does not receive information on routes external to the autonomous system but receives routes from other areas. If routers from a stub area need to send information outside of the autonomous system, they use the default route. An ASBR cannot reside in a stub area.

  • no-summary: allow/deny summarized routes to be injected into stub zone area types:

    • on

    • off

  • interfaces: select the OSPF interfaces on which this area will be available.

  • virtual-links: this is a special type of connection that makes it possible, for example, to interconnect a partitioned area or connect an area to the backbone area via another area. It is configured between two ABRs.

    Routers can transmit OSPF packets encapsulated in IP packets over such links. This mechanism is used as a temporary solution or as a backup in case the primary connections fail.

    You can specify the IDs of the routers available via this zone.

redistribute

OSPF route redistribution:

  • connected: redistribute routes to the networks directly connected to UserGate

  • kernel: redistribute routes added by the administrator.

To display a OSPF configuration of a virtual router, use the following command:

Admin@nodename# show network virtual-router <virtual-router-name> ospf

Examples of OSPF configuring in a virtual router:

Admin@nodename# set network virtual-router test_router ospf router-id 192.168.100.3 areas new area-id 1 area-type normal name "New OSPF area" enabled on interfaces [ ] ... Admin@nodename# show network virtual-router test_router name : test_router description : Test virtual router node-name : node_1 interfaces : port2; port3 routes : [] ospf : router-id : 192.168.100.3 enabled : off default-originate : off metric : None areas : New OSPF area name : New OSPF area enabled : on cost : 1 area-id : 1 area-type : normal no-summary : off interfaces : [] ...

To delete OSPF settings, use the following command:

Admin@nodename# delete network virtual-router <virtual-router-name> ospf <parameter>

You can delete the following parameters:

  • interface

  • area