- New and Changed Information
- Preface
- Overview
- Part 1: IP
- Configuring IPv4
- Configuring IPv6
- Part 2: Routing
- Configuring OSPF
- Configuring OSPFv3
- Configuring EIGRP
- Configuring Basic BGP
- Configuring Advanced BGP
- Configuring Bidirectional Forwarding Detection
- Configuring ECMP for Host Routes
- Configuring RIP
- Configuring Static Routing
- Configuring Layer 3 Virtualization
- Configuring the Unicast RIB and FIB
- Configuring Route Policy Manager
- Part 3: First-Hop Redundancy Protocols
- Configuring HSRP
- Configuring VRRP
- Configuring Object Tracking
- IETF RFCs
- Glossary
- Index
- Information About OSPFv2
- Configuring Filter Lists for Border Routers
- Configuring Stub Areas
- Configuring a Totally Stubby Area
- Configuring NSSA
- Configuring Virtual Links
- Configuring Redistribution
- Limiting the Number of Redistributed Routes
- Configuring Route Summarization
- Configuring Stub Route Advertisements
- Modifying the Default Timers
- Configuring Graceful Restart
- Restarting an OSPFv2 Instance
- Configuring OSPFv2 with Virtualization
Configuring OSPFv2
This chapter describes how to configure Open Shortest Path First version 2 (OSPFv2) for IPv4 networks.
This chapter includes the following sections:
•
Licensing Requirements for OSPFv2
•Verifying the OSPFv2 Configuration
•Configuration Examples for OSPFv2
Information About OSPFv2
OSPFv2 is an IETF link-state protocol (see the "Link-State Protocols" section) for IPv4 networks. An OSPFv2 router sends a special message, called a hello packet, out each OSPF-enabled interface to discover other OSPFv2 neighbor routers. Once a neighbor is discovered, the two routers compare information in the hello packet to determine if the routers have compatible configurations. The neighbor routers attempt to establish adjacency, which means that the routers synchronize their link-state databases to ensure that they have identical OSPFv2 routing information. Adjacent routers share link-state advertisements (LSAs) that include information about the operational state of each link, the cost of the link, and any other neighbor information. The routers then flood these received LSAs out every OSPF-enabled interface so that all OSPFv2 routers eventually have identical link-state databases. When all OSPFv2 routers have identical link-state databases, the network is converged (see the "Convergence" section). Each router then uses Dijkstra's Shortest Path First (SPF) algorithm to build its route table.
You can divide OSPFv2 networks into areas. Routers send most LSAs only within one area, which reduces the CPU and memory requirements for an OSPF-enabled router.
OSPFv2 supports IPv4, while OSPFv3 supports IPv6. For more information, see Chapter 7, "Configuring OSPFv3."
This section includes the following topics:
Hello Packet
OSPFv2 routers periodically send hello packets on every OSPF-enabled interface. The hello interval determines how frequently the router sends these hello packets and is configured per interface. OSPFv2 uses hello packets for the following tasks:
•Neighbor discovery
•Keepalives
•Bidirectional communications
•Designated router election (see the "Designated Routers" section)
The hello packet contains information about the originating OSPFv2 interface and router, including the assigned OSPFv2 cost of the link, the hello interval, and optional capabilities of the originating router. An OSPFv2 interface that receives these hello packets determines if the settings are compatible with the receiving interface settings. Compatible interfaces are considered neighbors and are added to the neighbor table (see the "Neighbors" section).
Hello packets also include a list of router IDs for the routers that the originating interface has communicated with. If the receiving interface sees its own router ID in this list, then bidirectional communication has been established between the two interfaces.
OSPFv2 uses hello packets as a keepalive message to determine if a neighbor is still communicating. If a router does not receive a hello packet by the configured dead interval (usually a multiple of the hello interval), then the neighbor is removed from the local neighbor table.
Neighbors
An OSPFv2 interface must have a compatible configuration with a remote interface before the two can be considered neighbors. The two OSPFv2 interfaces must match the following criteria:
•Hello interval
•Dead interval
•Area ID (see the "Areas" section)
•Authentication
•Optional capabilities
If there is a match, the following information is entered into the neighbor table:
•Neighbor ID—The router ID of the neighbor.
•Priority—Priority of the neighbor. The priority is used for designated router election (see the "Designated Routers" section).
•State—Indication of whether the neighbor has just been heard from, is in the process of setting up bidirectional communications, is sharing the link-state information, or has achieved full adjacency.
•Dead time—Indication of the time since the last Hello packet was received from this neighbor.
•IP Address—The IP address of the neighbor.
•Designated Router—Indication of whether the neighbor has been declared as the designated router or as the backup designated router (see the "Designated Routers" section).
•Local interface—The local interface that received the hello packet for this neighbor.
Adjacency
Not all neighbors establish adjacency. Depending on the network type and designated router establishment, some neighbors become fully adjacent and share LSAs with all their neighbors, while other neighbors do not. For more information, see the "Designated Routers" section.
Adjacency is established using Database Description packets, Link State Request packets, and Link State Update packets in OSPF. The Database Description packet includes only the LSA headers from the link-state database of the neighbor (see the "Link-State Database" section). The local router compares these headers with its own link-state database and determines which LSAs are new or updated. The local router sends a Link State Request packet for each LSA that it needs new or updated information on. The neighbor responds with a Link State Update packet. This exchange continues until both routers have the same link-state information.
Designated Routers
Networks with multiple routers present a unique situation for OSPF. If every router floods the network with LSAs, the same link-state information will be sent from multiple sources. Depending on the type of network, OSPFv2 might use a single router, the designated router (DR), to control the LSA floods and represent the network to the rest of the OSPFv2 area (see the "Areas" section). If the DR fails, OSPFv2 selects a backup designated router (BDR). If the DR fails, OSPFv2 uses the BDR.
Network types are as follows:
•Point-to-point—A network that exists only between two routers. All neighbors on a point-to-point network establish adjacency and there is no DR.
•Broadcast—A network with multiple routers that can communicate over a shared medium that allows broadcast traffic, such as Ethernet. OSPFv2 routers establish a DR and BDR that controls LSA flooding on the network. OSPFv2 uses the well-known IPv4 multicast addresses 224.0.0.5 and a MAC address of 0100.5300.0005 to communicate with neighbors.
The DR and BDR are selected based on the information in the Hello packet. When an interface sends a Hello packet, it sets the priority field and the DR and BDR field if it knows who the DR and BDR are. The routers follow an election procedure based on which routers declare themselves in the DR and BDR fields and the priority field in the Hello packet. As a final tie breaker, OSPFv2 chooses the highest router IDs as the DR and BDR.
All other routers establish adjacency with the DR and the BDR and use the IPv4 multicast address 224.0.0.6 to send LSA updates to the DR and BDR. Figure 4-1 shows this adjacency relationship between all routers and the DR.
DRs are based on a router interface. A router might be the DR for one network and not for another network on a different interface.
Figure 4-1 DR in Multi-Access Network
Areas
Figure 4-2 OSPFv2 Areas
The ABR has a separate link-state database for each area to which it connects. The ABR sends Network Summary (type 3) LSAs (see the "Route Summarization" section) from one connected area to the backbone area. The backbone area sends summarized information about one area to another area. In Figure 4-2, Area 0 sends summarized information about Area 5 to Area 3.
OSPFv2 defines one other router type: the autonomous system boundary router (ASBR). This router connects an OSPFv2 area to another autonomous system. An autonomous system is a network controlled by a single technical administration entity. OSPFv2 can redistribute its routing information into another autonomous system or receive redistributed routes from another autonomous system. For more information, see "Advanced Features" section.)
Link-State Advertisements
OSPFv2 uses link-state advertisements (LSAs) to build its routing table.
This section includes the following topics:
•Flooding and LSA Group Pacing
LSA Types
Table 4-1 shows the LSA types supported by Cisco NX-OS.
|
|
|
|
|---|---|---|
1 |
Router LSA |
LSA sent by every router. This LSA includes the state and the cost of all links and a list of all OSPFv2 neighbors on the link. Router LSAs trigger an SPF recalculation. Router LSAs are flooded to local OSPFv2 area. |
2 |
Network LSA |
LSA sent by the DR. This LSA lists all routers in the multi-access network. Network LSAs trigger an SPF recalculation. See the "Designated Routers" section. |
3 |
Network Summary LSA |
LSA sent by the area border router to an external area for each destination in the local area. This LSA includes the link cost from the area border router to the local destination. See the "Areas" section. |
4 |
ASBR Summary LSA |
LSA sent by the area border router to an external area. This LSA advertises the link cost to the ASBR only. See the "Areas" section. |
5 |
AS External LSA |
LSA generated by the ASBR. This LSA includes the link cost to an external autonomous system destination. AS External LSAs are flooded throughout the autonomous system. See the "Areas" section. |
7 |
NSSA External LSA |
LSA generated by the ASBR within a not-so-stubby area (NSSA). This LSA includes the link cost to an external autonomous system destination. NSSA External LSAs are flooded only within the local NSSA. See the "Areas" section. |
9-11 |
Opaque LSAs |
LSA used to extend OSPF. See the "Opaque LSAs" section. |
Link Cost
Each OSPFv2 interface is assigned a link cost. The cost is an arbitrary number. By default, Cisco NX-OS assigns a cost that is the configured reference bandwidth divided by the interface bandwidth. By default, the reference bandwidth is 40 Gb/s. The link cost is carried in the LSA updates for each link.
Flooding and LSA Group Pacing
When an OSPFv2 router receives an LSA, it forwards that LSA out every OSPF-enabled interface, flooding the OSPFv2 area with this information. This LSA flooding guarantees that all routers in the network have identical routing information. LSA flooding depends on the OSPFv2 area configuration (see the "Areas" section). The LSAs are flooded based on the link-state refresh time (every 30 minutes by default). Each LSA has its own link-state refresh time.
You can control the flooding rate of LSA updates in your network by using the LSA group pacing feature. LSA group pacing can reduce high CPU or buffer utilization. This feature groups LSAs with similar link-state refresh times to allow OSPFv2 to pack multiple LSAs into an OSPFv2 Update message.
By default, LSAs with link-state refresh times within four minutes of each other are grouped together. You should lower this value for large link-state databases or raise it for smaller databases to optimize the OSPFv2 load on your network.
Link-State Database
Each router maintains a link-state database for the OSPFv2 network. This database contains all the collected LSAs, and includes information on all the routes through the network. OSPFv2 uses this information to calculate the bast path to each destination and populates the routing table with these best paths.
LSAs are removed from the link-state database if no LSA update has been received within a set interval, called the MaxAge. Routers flood a repeat of the LSA every 30 minutes to prevent accurate link-state information from being aged out. Cisco NX-OS supports the LSA grouping feature to prevent all LSAs from refreshing at the same time. For more information, see the "Flooding and LSA Group Pacing" section.
Opaque LSAs
Opaque LSAs allow you to extend OSPF functionality. Opaque LSAs consist of a standard LSA header followed by application-specific information. This information might be used by OSPFv2 or by other applications. OSPFv2 uses Opaque LSAs to support OSPFv2 Graceful Restart capability (see the "Graceful Restart" section on page 3-11). Three Opaque LSA types are defined as follows:
•LSA type 9—Flooded to the local network.
•LSA type 10—Flooded to the local area.
•LSA type 11—Flooded to the local autonomous system.
OSPFv2 and the Unicast RIB
OSPFv2 runs the Dijkstra shortest path first algorithm on the link-state database. This algorithm selects the best path to each destination based on the sum of all the link costs for each link in the path. The resultant shortest path for each destination is then put in the OSPFv2 route table. When the OSPFv2 network is converged, this route table feeds into the unicast RIB. OSPFv2 communicates with the unicast RIB to do the following:
•Add or remove routes
•Handle route redistribution from other protocols
•Provide convergence updates to remove stale OSPFv2 routes and for stub router advertisements (see the "OSPFv2 Stub Router Advertisements" section)
OSPFv2 also runs a modified Dijkstra algorithm for fast recalculation for summary and external (type 3, 4, 5, and 7) LSA changes.
Authentication
You can configure authentication on OSPFv2 messages to prevent unauthorized or invalid routing updates in your network. Cisco NX-OS supports two authentication methods:
•Simple password authentication
•MD5 authentication digest
You can configure the OSPFv2 authentication for an OSPFv2 area or per interface.
Simple Password Authentication
Simple password authentication uses a simple clear-text password that is sent as part of the OSPFv2 message. The receiving OSPFv2 router must be configured with the same clear-text password to accept the OSPFv2 message as a valid route update. Because the password is in clear text, anyone who can watch traffic on the network can learn the password.
MD5 Authentication
You should use MD5 authentication to authenticate OSPFv2 messages. You configure a password that is shared at the local router and all remote OSPFv2 neighbors. For each OSPFv2 message, Cisco NX-OS creates an MD5 one-way message digest based on the message itself and the encrypted password. The interface sends this digest with the OSPFv2 message. The receiving OSPFv2 neighbor validates the digest using the same encrypted password. If the message has not changed, the digest calculation is identical and the OSPFv2 message is considered valid.
MD5 authentication includes a sequence number with each OSPFv2 message to ensure that no message is replayed in the network.
Advanced Features
Cisco NX-OS supports a number of advanced OSPFv2 features that enhance the usability and scalability of OSPFv2 in the network. This section includes the following topics:
•Graceful Restart, page 3-11
•OSPFv2 Stub Router Advertisements
•BFD
•BFD, page 4-12
Stub Area
You can limit the amount of external routing information that floods an area by making it a stub area. A stub area is an area that does not allow AS External (type 5) LSAs (see the "Link-State Advertisements" section). These LSAs are usually flooded throughout the local autonomous system to propagate external route information. Stub areas have the following requirements:
•All routers in the stub area are stub routers. See the "Stub Routing" section.
•No ASBR routers exist in the stub area.
•You cannot configure virtual links in the stub area.
Figure 4-3 shows an example of an OSPFv2 autonomous system where all routers in area 0.0.0.10 have to go through the ABR to reach external autonomous systems. area 0.0.0.10 can be configured as a stub area.
Figure 4-3 Stub Area
Stub areas use a default route for all traffic that needs to go through the backbone area to the external autonomous system. The default route is 0.0.0.0 for IPv4.
Not-So-Stubby Area
A Not-so-Stubby Area (NSSA) is similar to a stub area, except that an NSSA allows you to import autonomous system external routes within an NSSA using redistribution. The NSSA ASBR redistributes these routes and generates NSSA External (type 7) LSAs that it floods throughout the NSSA. You can optionally configure the ABR that connects the NSSA to other areas to translate this NSSA External LSA to AS External (type 5) LSAs. The area border router (ABR) then floods these AS External LSAs throughout the OSPFv2 autonomous system. Summarization and filtering are supported during the translation. See the "Link-State Advertisements" section for details on NSSA External LSAs.
You can, for example, use NSSA to simplify administration if you are connecting a central site using OSPFv2 to a remote site that is using a different routing protocol. Before NSSA, the connection between the corporate site border router and a remote router could not be run as an OSPFv2 stub area because routes for the remote site could not be redistributed into a stub area. With NSSA, you can extend OSPFv2 to cover the remote connection by defining the area between the corporate router and remote router as an NSSA (see the "Configuring NSSA" section).
The backbone Area 0 cannot be an NSSA.
Virtual Links
Virtual links allow you to connect an OSPFv2 area ABR to a backbone area ABR when a direct physical connection is not available. Figure 4-4 shows a virtual link that connects Area 3 to the backbone area through Area 5.
Figure 4-4 Virtual Links
You can also use virtual links to temporarily recover from a partitioned area, which occurs when a link within the area fails, isolating part of the area from reaching the designated ABR to the backbone area.
Route Redistribution
OSPFv2 can learn routes from other routing protocols by using route redistribution. See the "Route Redistribution" section. You configure OSPFv2 to assign a link cost for these redistributed routes or a default link cost for all redistributed routes.
Route redistribution uses route maps to control which external routes are redistributed. See Chapter 14 "Configuring Route Policy Manager," for details on configuring route maps. You can use route maps to modify parameters in the AS External (type 5) and NSSA External (type 7) LSAs before these external routes are advertised in the local OSPFv2 autonomous system.
Route Summarization
Because OSPFv2 shares all learned routes with every OSPF-enabled router, you might want to use route summarization to reduce the number of unique routes that are flooded to every OSPF-enabled router. Route summarization simplifies route tables by replacing more-specific addresses with an address that represents all the specific addresses. For example, you can replace 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24 with one summary address, 10.1.0.0/16.
Typically, you would summarize at the boundaries of area border routers (ABRs). Although you could configure summarization between any two areas, it is better to summarize in the direction of the backbone so that the backbone receives all the aggregate addresses and injects them, already summarized, into other areas. The two types of summarization are as follows:
•Inter-area route summarization
•External route summarization
You configure inter-area route summarization on ABRs, summarizing routes between areas in the autonomous system. To take advantage of summarization, you should assign network numbers in areas in a contiguous way to be able to lump these addresses into one range.
External route summarization is specific to external routes that are injected into OSPFv2 using route redistribution. You should make sure that external ranges that are being summarized are contiguous. Summarizing overlapping ranges from two different routers could cause packets to be sent to the wrong destination. Configure external route summarization on ASBRs that are redistributing routes into OSPF.
When you configure a summary address, Cisco NX-OS automatically configures a discard route for the summary address to prevent routing black holes and route loops.
High Availability and Graceful Restart
Cisco NX-OS supports high-availability. If a Cisco NX-OS system experiences a cold reboot, the network stops forwarding traffic to the system and removes the system from the network topology. In this scenario, OSPFv2 experiences a stateless restart, and removes all neighbor adjacencies on the local system. Cisco NX-OS applies the startup configuration and OSPFv2 rediscovers the neighbors and establishes the adjacencies again.
A platform with two supervisors that run Cisco NX-OS can experience a stateful supervisor switchover. Before the switchover happens, OSPFv2 initiates a graceful restart by announcing that OSPFv2 will be unavailable for some time. During a switchover, the network continues to forward traffic and keeps the system in the network topology.
After a switchover, Cisco NX-OS applies the running configuration, and OSPFv2 informs the neighbors that it is operational again. The neighbors help to reestablish adjacencies.
OSPFv2 automatically restarts if the process experiences problems. After the restart, OSPFv2 initiates a graceful restart so that the platform is not taken out of the network topology. If you manually restart OSPF, it performs a graceful restart, which is similar to a stateful switchover. The running configuration is applied in both cases.
A graceful restart, or nonstop forwarding (NSF), allows OSPFv2 to remain in the data forwarding path through a process restart. When OSPFv2 needs to restart, it first sends a link-local opaque (type 9) LSA, called a grace LSA (see the "Opaque LSAs" section on page 3-7). This restarting OSPFv2 platform is called NSF capable.
The grace LSA includes a grace period, which is a specified time that the neighbor OSPFv2 interfaces hold onto the LSAs from the restarting OSPFv2 interface. (Typically, OSPFv2 tears down the adjacency and discards all LSAs from a down or restarting OSPFv2 interface.) The participating neighbors, which are called NSF helpers, keep all LSAs that originate from the restarting OSPFv2 interface as if the interface were still adjacent.
When the restarting OSPFv2 interface is operational again, it rediscovers its neighbors, establishes adjacency, and starts sending its LSA updates again. At this point, the NSF helpers recognize that graceful restart has finished.
Note If the restarting OSPFv2 interface does not come back up before the end of the grace period, or if the network experiences a topology change, the OSPFv2 neighbors tear down adjacency with the restarting OSPFv2 and treat it as a normal OSPFv2 restart.
Note You must enable graceful restart to support in-service software upgrades (ISSU) for OSPFv2. If you disable graceful restart, Cisco NX-OS issues a warning that ISSU cannot be supported with this configuration.
OSPFv2 Stub Router Advertisements
You can configure an OSPFv2 interface to act as a stub router using the OSPFv2 stub router advertisements feature. Use this feature when you want to limit the OSPFv2 traffic through this router, such as when you want to introduce a new router to the network in a controlled manner or limit the load on a router that is already overloaded. You might also want to use this feature for various administrative or traffic engineering reasons.
OSPFv2 stub router advertisements do not remove the OSPFv2 router from the network topology, but they do prevent other OSPFv2 routers from using this router to route traffic to other parts of the network. Only the traffic that is destined for this router or directly connected to this router is sent.
OSPFv2 stub router advertisements mark all stub links (directly connected to the local router) to the cost of the local OSPFv2 interface. All remote links are marked with the maximum cost (0xFFFF).
Multiple OSPFv2 Instances
Cisco NX-OS supports multiple instances of the OSPFv2 protocol that run on the same node. You cannot configure multiple instances over the same interface. By default, every instance uses the same system router ID. You must manually configure the router ID for each instance if the instances are in the same OSPFv2 autonomous system.
SPF Optimization
Cisco NX-OS optimizes the SPF algorithm in the following ways:
•Partial SPF for Network (type 2) LSAs, Network Summary (type 3) LSAs, and AS External (type 5) LSAs—When there is a change on any of these LSAs, Cisco NX-OS performs a faster partial calculation rather than running the whole SPF calculation.
•SPF timers—You can configure different timers for controlling SPF calculations. These timers include exponential backoff for subsequent SPF calculations. The exponential backoff limits the CPU load of multiple SPF calculations.
BFD
This feature supports bidirectional forwarding detection (BFD). BFD is a detection protocol that provides fast forwarding-path failure detection times. BFD provides subsecond failure detection between two adjacent devices and can be less CPU-intensive than protocol hello messages because some of the BFD load can be distributed onto the data plane on supported modules.
BFD
This feature supports bidirectional forwarding detection (BFD). BFD is a detection protocol designed to provide fast forwarding-path failure detection times. BFD provides subsecond failure detection between two adjacent devices and can be less CPU-intensive than protocol hello messages because some of the BFD load can be distributed onto the data plane on supported modules. See the Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x for more information.
Virtualization Support
OSPFv2 supports Virtual Routing and Forwarding (VRF) instances. VRFs exist within virtual device contexts (VDCs). By default, Cisco NX-OS places you in the default VDC and default VRF unless you specifically configure another VDC and VRF. You can have up to four instances of OSPFv2 in a VDC. Each OSPFv2 instance can support multiple VRFs, up to the system limit. For more information,see the Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 5.x and see Chapter 12 "Configuring Layer 3 Virtualization."
Licensing Requirements for OSPFv2
The following table shows the licensing requirements for this feature:
Prerequisites for OSPFv2
OSPFv2 has the following prerequisites:
•You must be familiar with routing fundamentals to configure OSPF.
•You are logged on to the switch.
•You have configured at least one interface for IPv4 that is capable of communicating with a remote OSPFv2 neighbor.
•You have installed the LAN Base Services license.
Reviewers: Is the Enterprise Services license required for 5.0(3)?
•You have completed the OSPFv2 network strategy and planning for your network. For example, you must decide whether multiple areas are required.
•You have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
•You have installed the Advanced Services license and entered the desired VDC (see the Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 5.x) if you are configuring VDCs.
Guidelines and Limitations
OSPFv2 has the following configuration guidelines and limitations:
•You can have up to four instances of OSPFv2 in a VDC.
•Cisco NX-OS displays areas in dotted decimal notation regardless of whether you enter the area in decimal or dotted decimal notation.
Note If you are familiar with the Cisco IOS CLI, be aware that the Cisco NX-OS commands for this feature might differ from the Cisco IOS commands that you would use.
Default Settings
Table 4-2 lists the default settings for OSPFv2 parameters.
Configuring Basic OSPFv2
Configure OSPFv2 after you have designed your OSPFv2 network.Figure 4-5 shows the OSPFv2 feature selection.
Figure 4-5 Configuring OSPFv2 for IPv4
For more information about the Data Center Network Manager features, see the Cisco Data Center Network Manager Getting Started Guide
This section includes the following topics:
•Configuring Optional Parameters on an OSPFv2 Instance
•Configuring Optional Parameters on an OSPFv2 Instance
•Configuring Networks in OSPFv2
•Configuring Authentication for an Area
•Configuring Authentication for an Interface
Enabling the OSPFv2 Feature
You must enable the OSPFv2 feature before you can configure OSPFv2.
BEFORE YOU BEGIN
Ensure that you are in the correct device (or choose Virtual Devices from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. feature ospf
3. (Optional) show feature
4. (Optional) copy running-config startup-config
DETAILED STEPS
To enable the OSPFv2 feature, follow these steps:
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device View tab and Network View tab (see Figure 4-5).
Step 2 From the Contents pane, click the Device View tab.
A summary table of available Cisco NX-OS devices displays.
Step 3 From the summary table, click the device to which you want to add an OSPF instance.
Step 4 From the Top menu, choose OSPFv2-IPv4 > xxx.
Cisco NX-OS adds a new row to the summary table and displays the Global Tab in the Details pane.
Step 5 From the summary table, in the Process ID field, enter an integer value.
This must be a unique value for this device.
Step 6 From the Top menu, choose File > Save to implement your changes.
Choose OSPFv2-IPv4 > Delete Process to remove the OSPFv2 instance and all associated configuration.
Use the no feature ospf command to disable the OSPFv2 feature and remove all associated configurations.
|
|
|
|---|---|
no feature ospf
Example: switch(config)# no feature ospf |
Disables the OSPFv2 feature and removes all associated configurations. |
RELATED TOPICS
•Configuring Optional Parameters on an OSPFv2 Instance
Creating an OSPFv2 Instance
The first step in configuring OSPFv2 is to create an OSPFv2 instance. You assign a unique instance tag for this OSPFv2 instance. The instance tag can be any string.
For more information about OSPFv2 instance parameters, see the "Configuring Advanced OSPFv2" section.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Use the show ip ospf instance-tag command to verify that the instance tag is not in use.
OSPFv2 must be able to obtain a router identifier (for example, a configured loopback address) or you must configure the router ID option.
Ensure that you are in the correct device (or choose Virtual Devices from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. (Optional) router-id ip-address
4. (Optional) show ip ospf instance-tag
5. (Optional) copy running-config startup-config
DETAILED STEPS
To create an OSPFv2 instance, follow these steps:
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device View tab and Network View tab (see Figure 4-5).
Step 2 From the Contents pane, click the Device View tab.
A summary table of available Cisco NX-OS devices displays.
Step 3 From the summary table, click the device to which you want to add an OSPF instance.
Step 4 From the Top menu, choose OSPFv2-IPv4 > Add New Process.
Cisco NX-OS adds a new row to the summary table and displays the Global Tab in the Details pane.
Step 5 From the summary table, in the Process ID field, enter an integer value.
This must be a unique value for this device.
Step 6 From the Top menu, choose File > Save to implement your changes.
Choose OSPFv2-IPv4 > Delete Process to remove the OSPFv2 instance and all associated configuration.
Use the no router ospf command to remove the OSPFv2 instance and all associated configurations.
|
|
|
|---|---|
no router ospf instance-tag
Example: switch(config)# no router ospf 201 |
Deletes the OSPF instance and the associated configurations. |
Note This command does not remove OSPF configuration in interface mode. You must manually remove any OSPFv2 commands configured in interface mode.
RELATED TOPICS
•Configuring Optional Parameters on an OSPFv2 Instance
Configuring Optional Parameters on an OSPFv2 Instance
You can configure optional parameters for OSPF.
For more information about OSPFv2 instance parameters, see the "Configuring Advanced OSPFv2" section.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
OSPFv2 must be able to obtain a router identifier (for example, a configured loopback address) or you must configure the router ID option.
Ensure that you are in the correct device (or choose Virtual Devices from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
DETAILED STEPS
This example shows how to create an OSPFv2 instance:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# copy running-config startup-config
RELATED TOPICS
Configuring Networks in OSPFv2
You can configure a network to OSPFv2 by associating it through the interface that the router uses to connect to that network (see the "Neighbors" section). You can add all networks to the default backbone area (Area 0), or you can create new areas using any decimal number or an IP address.
Note All areas must connect to the backbone area either directly or through a virtual link.
Note OSPF is not enabled on an interface until you configure a valid IP address for that interface.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. interface interface-type slot/port
3. no switchport
4. ip address ip-prefix/length
5. ip router ospf instance-tag area area-id [secondaries none]
6. (Optional) show ip ospf instance-tag interface interface-type slot/port
7. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (see Figure 4-5).
Step 2 From the summary table in the Device View tab, click the device to which you want to configure a network.
Step 3 From the summary table, click the OSPF instance that you want to configure a network on.
Step 4 From the Details pane, click the Area tab.
A summary of the existing areas displays.
Step 5 (Optional) From the top menu, choose OSPFv2-IPv4 > Add Area to create a new area.
a. In the Area ID field, enter a value as an integer or in IP address format.
b. From the Area Type drop-down list, select the area type.
Step 6 Click the area that you want to configure an interface in and click the Interfaces tab.
The list of existing interfaces in this area displays.
Step 7 From the top menu, choose OSPFv2-IPv4 > Add Interface to add an interface to this area and OSPF instance.
A new row in the Interfaces tab appears.
Step 8 From the Name drop-down list, select the new interface.
Step 9 (Optional) To set the optional interface parameters, follow these steps:
a. To suppress routing updates on the interface, check the Passive checkbox.
b. To assign a priority to determine the DR for an area, enter a value in the Priority field.
The range is from 0 to 255. The default is 1.
c. To assign the link cost metric, enter a value in the Link Cost field.
The default is to calculate the cost metric based on reference bandwidth and interface bandwidth.
d. To modify the default link delay, enter a value in the Link Delay field.
e. To set the hello interval, enter a value from 1 to 65535 in the Hello Timers field.
The default is 10 seconds.
f. To set the dead interval, enter a value from 1 to 65535 in the Dead Timers field.
The default is four times the hello interval in seconds.
g. To set the retransmition time, enter a value in the Retrans Timers field.
Step 10 (Optional) Choose File > Save from the top menu to save your changes.
You can configure the following optional parameters for OSPFv2 in interface configuration mode:
|
|
|
|---|---|
ip ospf cost number
Example: switch(config-if)# ip ospf cost 25 |
Configures the OSPFv2 cost metric for this interface. The default is to calculate cost metric, based on reference bandwidth and interface bandwidth. The range is from 1 to 65535. |
ip ospf dead-interval seconds
Example: switch(config-if)# ip ospf dead-interval 50 |
Configures the OSPFv2 dead interval, in seconds. The range is from 1 to 65535. The default is four times the hello interval, in seconds. |
ip ospf hello-interval seconds
Example: switch(config-if)# ip ospf hello-interval 25 |
Configures the OSPFv2 hello interval, in seconds. The range is from 1 to 65535. The default is 10 seconds. |
ip ospf mtu-ignore
Example: switch(config-if)# ip ospf mtu-ignore |
Configures OSPFv2 to ignore any IP MTU mismatch with a neighbor. The default is to not establish adjacency if the neighbor MTU does not match the local interface MTU. |
ip ospf passive-interface
Example: switch(config-if)# ip ospf passive-interface |
Suppresses routing updates on the interface. |
ip ospf priority number
Example: switch(config-if)# ip ospf priority 25 |
Configures the OSPFv2 priority, used to determine the DR for an area. The range is from 0 to 255. The default is 1. See the "Designated Routers" section. |
ip ospf shutdown
Example: switch(config-if)# ip ospf shutdown |
Shuts down the OSPFv2 instance on this interface. |
This example shows how to add a network area 0.0.0.10 in OSPFv2 instance 201:
switch# configure terminal
switch(config)# interface ethernet 1/2
switch(config-if)# no switchport
switch(config-if)# ip address 192.0.2.1/16
switch(config-if)# ip router ospf 201 area 0.0.0.10
switch(config-if)# copy running-config startup-config
Use the show ip ospf interface command to verify the interface configuration. Use the show ip ospf neighbor command to see the neighbors for this interface.
Configuring Authentication for an Area
You can configure authentication for all networks in an area or for individual interfaces in the area. Interface authentication configuration overrides area authentication.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that all neighbors on an interface share the same authentication configuration, including the shared authentication key.
Create the key-chain for this authentication configuration. See the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 5.x.
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. area area-id authentication [message-digest]
4. interface interface-type slot/port
5. no switchport
6. (Optional) ip ospf authentication-key [0 | 3] key
or
(Optional) ip ospf message-digest-key key-id md5 [0 | 3] key
7. (Optional) show ip ospf instance-tag interface interface-type slot/port
8. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device that you want to configure authentication on.
Step 3 Click the OSPF instance that you want to configure authentication on.
Step 4 From the Details pane, click the Area tab.
A summary of the existing areas displays.
Step 5 Click the area that you want to configure.
Step 6 Double-click the Authentication field for this area.
Step 7 From the Authentication Type drop-down list, choose the authentication type that you want to configure.
Step 8 In the Key field, enter the authentication key.
Step 9 Click OK.
Step 10 (Optional) Choose File > Save from the top menu to save your changes.
Configuring Authentication for an Interface
You can configure authentication for individual interfaces in the area. Interface authentication configuration overrides area authentication.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that all neighbors on an interface share the same authentication configuration, including the shared authentication key.
Create the key-chain for this authentication configuration. See the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 5.x.
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. interface interface-type slot/port
3. no switchport
4. ip ospf authentication [message-digest]
5. (Optional) ip ospf authentication key-chain key-name
6. (Optional) ip ospf authentication-key [0 | 3 | 7] key
7. (Optional) ip ospf message-digest-key key-id md5 [0 | 3 | 7] key
8. (Optional) show ip ospf instance-tag interface interface-type slot/port
9. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device that you want to configure authentication on.
Step 3 Click the OSPF instance that you want to configure authentication on.
Step 4 From the Details pane, click the Area tab.
A summary of the existing areas displays.
Step 5 Click the area that you want to configure.
Step 6 Click the Interfaces tab for this area.
The interfaces summary table displays.
Step 7 Click the interface that you want to configure.
Step 8 Double-click the Authentication field for this interface.
Step 9 From the Authentication Type drop-down list, choose the authentication type that you want to configure.
Step 10 In the Key field, enter the authentication key.
Step 11 Click OK.
Step 12 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to set an interface for simple, unencrypted passwords and set the password for Ethernet interface 1/2:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# exit
switch(config)# interface ethernet 1/2
switch(config-if)# no switchport
switch(config-if)# ip router ospf 201 area 0.0.0.10
switch(config-if)# ip ospf authentication
switch(config-if)# ip ospf authentication-key 0 mypass
switch(config-if)# copy running-config startup-config
Configuring Advanced OSPFv2
Configure OSPFv2 after you have designed your OSPFv2 network.
This section includes the following topics:
•Configuring Filter Lists for Border Routers
•Configuring a Totally Stubby Area
•Limiting the Number of Redistributed Routes
•Configuring Route Summarization
•Configuring Stub Route Advertisements
•Configuring Graceful Restart, page 3-40
•Restarting an OSPFv2 Instance
•Configuring Graceful Restart, page 3-40
Configuring Filter Lists for Border Routers
You can separate your OSPFv2 domain into a series of areas that contain related networks. All areas must connect to the backbone area through an area border router (ABR). OSPFv2 domains can connect to external domains through an autonomous system border router (ASBR). See the "Areas" section.
ABRs have the following optional configuration parameters:
•Area range—Configures route summarization between areas. See the "RELATED TOPICS" section on page 4-43.
•Filter list—Filters the Network Summary (type 3) LSAs on an ABR that are allowed in from an external area.
ASBRs also support filter lists.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Create the route map that the filter list uses to filter IP prefixes in incoming or outgoing Network Summary (type 3) LSAs. See Chapter 14 "Configuring Route Policy Manager."
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. area area-id filter-list route-map map-name {in | out}
4. (Optional) show ip ospf policy statistics area id filter-list {in | out}
5. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device that you want to configure a filter list on.
Step 3 Click the OSPF instance that you want to configure a filter list on.
Step 4 From the Details pane, click the Area/AS Border tab.
Step 5 Expand the Route Summarization and Filtering section.
A summary tree of inter-area filters displays.
Step 6 To configure an inbound filter-list, follow these steps:
a. Double-click the Inbound Filter Policy field for the area you are configuring.
A drop-down list of route policies displays.
b. From the policy drop-down list, choose the policy that you want to configure.
c. Click OK.
Step 7 To configure an outbound filter-list, follow these steps:
a. Double-click the Outbound Filter Policy field for the area you are cfiguring.
A drop-down list of route policies displays.
b. From the policy drop-down list, choose the policy that you want to configure.
c. Click OK.
Step 8 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to configure a filter list in area 0.0.0.10:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 filter-list route-map FilterLSAs in
switch(config-router)# copy running-config startup-config
Configuring Stub Areas
You can configure a stub area for part of an OSPFv2 domain where external traffic is not necessary. Stub areas block AS External (type 5) LSAs, limiting unnecessary routing to and from selected networks. See the "Stub Area" section. You can optionally block all summary routes from going into the stub area.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that there are no virtual links or ASBRs in the proposed stub area.
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. area area-id stub
4. (Optional) area area-id default-cost cost
5. (Optional) show ip ospf instance-tag
6. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device that you want to configure a stub area on .
Step 3 Click the OSPF instance that you want to configure a stub area on.
Step 4 Click the Area tab in the Details pane.
A summary of the existing areas displays.
Step 5 Choose OSPFv2-IPv4 > Add Area to create a new area.
a. In the Area ID field, enter the area ID.
b. from the Area Type drop-down list, choose stub.
Step 6 (Optional) Click the Stub/NSSA tab for the new area.
The stub and NSSA parameters display.
Step 7 (Optional) In the Default Route Cost field, enter a default cost for this stub area.
Step 8 (Optional) To allow summary routes into this stub area, check the Allow Summary Routes checkbox.
Step 9 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to create a stub area:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 stub
switch(config-router)# copy running-config startup-config
Configuring a Totally Stubby Area
You can create a totally stubby area and prevent all summary route updates from going into the stub area.
To create a totally stubby area, use the following command in router configuration mode:
|
|
|
|---|---|
area area-id stub no-summary
Example: switch(config-router)# area 20 stub no-summary |
Creates this area as a totally stubby area. |
Configuring NSSA
You can configure an NSSA for part of an OSPFv2 domain where limited external traffic is required. See the "Not-So-Stubby Area" section. You can optionally translate this external traffic to an AS External (type 5) LSA and flood the OSPFv2 domain with this routing information. An NSSA can be configured with the following optional parameters:
•No redistribution—Redistributed routes bypass the NSSA and are redistributed to other areas in the OSPFv2 autonomous system. Use this option when the NSSA ASBR is also an ABR.
•Default information originate—Generates an NSSA External (type 7) LSA for a default route to the external autonomous system. Use this option on an NSSA ASBR if the ASBR contains the default route in the routing table. This option can be used on an NSSA ABR whether or not the ABR contains the default route in the routing table.
•Route map—Filters the external routes so that only those routes that you want are flooded throughout the NSSA and other areas.
•Translate—Translates NSSA External LSAs to AS External LSAs for areas outside the NSSA. Use this command on an NSSA ABR to flood the redistributed routes throughout the OSPFv2 autonomous system. You can optionally suppress the forwarding address in these AS External LSAs. If you choose this option, the forwarding address is set to 0.0.0.0.
•No summary—Blocks all summary routes from flooding the NSSA. Use this option on the NSSA ABR.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that there are no virtual links in the proposed NSSA and that it is not the backbone area.
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. area area-id nssa [no-redistribution] [default-information-originate [route-map map-name]] [no-summary] [translate type7 {always | never} [suppress-fa]]
4. (Optional) area area-id default-cost cost
5. (Optional) show ip ospf instance-tag
6. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device where you want to configure a NSSA area.
Step 3 Click the OSPF instance where you want to configure an NSSA area.
Step 4 From the Details pane, click the Area tab.
A summary of the existing areas displays.
Step 5 Choose OSPFv2-IPv4 > Add Area to create a new area.
a. In the Area ID field, enter the area ID.
b. from the Area Type drop-down list, choose NSSA.
Step 6 (Optional) Click the Stub/NSSA tab for the new area.
The stub and NSSA parameters display.
Step 7 (Optional) To allow route redistributin through this area, check the Allow Redistribution checkbox.
Step 8 (Optional) To allow summary routes into this area, check the Allow Summary Routes checkbox.
Step 9 (Optional) To translate Type-7 LSAs in this area, check the Translate Type-7 LSA checkbox.
Step 10 (Optional) To suppress the forwarding address in this area, check the Suppress Forwarding Address checkbox.
Step 11 (Optional) To advertise a default route into this area follow these steps:
a. Check the Advertise Default Route checkbox.
b. From the Policy drop-down list, choose a route policy.
c. Click OK.
Step 12 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to create an NSSA that blocks all summary route updates:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 nssa no-summary
switch(config-router)# copy running-config startup-config
This example shows how to create an NSSA that generates a default route:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 nssa default-info-originate
switch(config-router)# copy running-config startup-config
This example shows how to create an NSSA that filters external routes and blocks all summary route updates:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 nssa route-map ExternalFilter no-summary
switch(config-router)# copy running-config startup-config
This example shows how to create an NSSA that always translates NSSA External (type 5) LSAs to AS External (type 7) LSAs:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 nssa translate type 7 always
switch(config-router)# copy running-config startup-config
Configuring Virtual Links
A virtual link connects an isolated area to the backbone area through an intermediate area. See the "Virtual Links" section. You can configure the following optional parameters for a virtual link:
•Authentication—Sets a simple password or MD5 message digest authentication and associated keys.
•Dead interval—Sets the time that a neighbor waits for a Hello packet before declaring the local router as dead and tearing down adjacencies.
•Hello interval—Sets the time between successive Hello packets.
•Retransmit interval—Sets the estimated time between successive LSAs.
•Transmit delay—Sets the estimated time to transmit an LSA to a neighbor.
Note You must configure the virtual link on both routers involved before the link becomes active.
You cannot add a virtual link to a stub area.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. area area-id virtual-link router-id
4. (Optional) show ip ospf virtual-link [brief]
5. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device where you want to configure a virtual link.
Step 3 Click the OSPF instance where you want to configure a virtual link.
Step 4 From the Details pane, click the Area/AS Border tab.
Step 5 Expand the Virtual Links section.
A list of virtual links displays.
Step 6 Choose OSPFv2-IPv4 > Add Virtual Link to create a new virtual link.
Step 7 In the ABR Router field, enter the router ID for the remote router at the other end of this virtual link.
You must configure a virtual link on that remote router to complete the configuration.
Step 8 (Optional) To configure authentication on this virtual link, follow these steps:
a. Double-click the Authentication field for this interface.
b. From the Authentication Type drop-down list, choose the authentication type that you want to configure.
c. In the Key field, enter the authentication key.
d. Click OK.
Step 9 (Optional) To configure the link delay, enter a value in the Link Delay field.
Step 10 (Optional) To set the hello interval, enter a value from 1 to 65535 in the Hello Timers field.
The default is 10 seconds.
Step 11 (Optional) To set the dead interval, enter a value from 1 to 65535 in the Dead Timers field.
The default is four times the hello interval, in seconds.
Step 12 (Optional) To set the retransmition time, enter a value in the Retrans Timers field.
Step 13 (Optional) Choose File > Save from the top menu to save your changes.
You can configure the following optional commands in virtual link configuration mode:
This example shows how to create a simple virtual link between two ABRs.
The configuration for ABR 1 (router ID 27.0.0.55) is as follows:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 virtual-link 10.1.2.3
switch(config-router-vlink)# copy running-config startup-config
The configuration for ABR 2 (Router ID 10.1.2.3) is as follows:
switch# configure terminal
switch(config)# router ospf 101
switch(config-router)# area 0.0.0.10 virtual-link 27.0.0.55
switch(config-router-vlink)# copy running-config startup-config
Configuring Redistribution
You can redistribute routes learned from other routing protocols into an OSPFv2 autonomous system through the ASBR.
You can configure the following optional parameters for route redistribution in OSPF:
•Default information originate—Generates an AS External (type 5) LSA for a default route to the external autonomous system.
Note Default information originate ignores match statements in the optional route map.
•Default metric—Sets all redistributed routes to the same cost metric.
Note If you redistribute static routes, Cisco NX-OS also redistributes the default static route.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Create the necessary route maps used for redistribution.
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. redistribute {bgp id | direct | eigrp id | isis id | ospf id | rip id | static} route-map map-name
4. default-information originate [always] [route-map map-name]
5. default-metric cost
6. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device where you want to configure redistribution.
Step 3 Click the OSPF instance where you want to configure redistribution.
Step 4 From the Details pane, click the Area/AS Border tab.
Step 5 Expand the Redistribution area.
A list of redistributed protocols displays.
Step 6 Choose OSPFv2-IPv4 > Add External Route Source to add a new distributed protocol.
Step 7 Double-click the External Route Source field.
Step 8 From the External Router Source drop-down list, choose the protocol that you want to redistribute into this OSPFv2 instance.
Step 9 Double-click the Redistirbution Policy field.
Step 10 From the Redistribution Policy drop-down list, choose the protocol that you want to redistribute into this OSPFv2 instance.
Step 11 (Optional) To set the default metric, enter a value in the Default Metric field.
Step 12 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to redistribute the Border Gateway Protocol (BGP) into OSPF:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# redistribute bgp route-map FilterExternalBGP
switch(config-router)# copy running-config startup-config
Limiting the Number of Redistributed Routes
Route redistribution can add many routes to the OSPFv2 route table. You can configure a maximum limit to the number of routes accepted from external protocols. OSPFv2 provides the following options to configure redistributed route limits:
•Fixed limit—Logs a message when OSPFv2 reaches the configured maximum. OSPFv2 does not accept any more redistributed routes. You can optionally configure a threshold percentage of the maximum where OSPFv2 will log a warning when that threshold is passed.
•Warning only—Logs a warning only when OSPFv2 reaches the maximum. OSPFv2 continues to accept redistributed routes.
•Widthdraw—Starts the timeout period when OSPFv2 reaches the maximum. After the timeout period, OSPFv2 requests all redistributed routes if the current number of redistributed routes is less than the maximum limit. If the current number of redistributed routes is at the maximum limit, OSPFv2 withdraws all redistributed routes. You must clear this condition before OSPFv2 accepts more redistributed routes.
You can optionally configure the timeout period.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. redistribute {bgp id | direct| eigrp id | isis id | ospf id | rip id | static} route-map map-name
4. redistribute maximum-prefix max [threshold] [warning-only | withdraw [num-retries timeout]]
5. (Optional) show running-config ospf
6. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device where you want to configure redistribution.
Step 3 Click the OSPF instance where you want to configure redistribution.
Step 4 From the Details pane, click the Area/AS Border tab.
Step 5 Expand the Redistribution area.
A list of redistributed protocols displays.
Step 6 Choose OSPFv2-IPv4 > Add External Route Source to add a new distributed protocol.
Step 7 Double-click the External Route Source field.
Step 8 From the External Router Source drop-down list, choose the protocol that you want to redistribute into this OSPFv2 instance.
Step 9 Double-click the Redistirbution Policy field.
Step 10 From the Redistribution Policy drop-down list, choose the protocol that you want to redistribute into this OSPFv2 instance.
Step 11 (Optional) To set the default metric, enter a value in the Default Metric field.
Step 12 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to limit the number of redistributed routes into OSPF:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# redistribute bgp route-map FilterExternalBGP
switch(config-router)# redistribute maximum-prefix 1000 75
Configuring Route Summarization
You can configure route summarization for inter-area routes by configuring an address range that is summarized. You can also configure route summarization for external, redistributed routes by configuring a summary address for those routes on an ASBR. See the "Route Summarization" section.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. area area-id range ip-prefix/length [no-advertise] [cost cost]
4. summary-address ip-prefix/length [no-advertise | tag tag-id]
5. (Optional) show ip ospf summary-address
6. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device where you want to configure a summary address.
Step 3 Click the OSPF instance where you want to configure a summary address.
Step 4 From the Details pane, click the Area/AS Border tab.
Step 5 Expand the Redistribution area.
A list of summary addresses displays.
Step 6 Choose OSPFv2-IPv4 > Add External Route Summary to add a new summary address.
Step 7 Double-click the External Route Summary field and enter a summary address.
Step 8 To advertise this summary address in a Network Summary (type 3) LSA, check the Advertise checkbox.
Step 9 (Optional) To assign a tag for this summary address that can be used for redistribution with route maps, enter a value in the Route Tag field.
Step 10 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to create summary addresses between areas on an ABR:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 range 10.3.0.0/16
switch(config-router)# copy running-config startup-config
This example shows how to create summary addresses on an ASBR;
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# summary-address 10.5.0.0/16
switch(config-router)# copy running-config startup-config
Configuring Stub Route Advertisements
Use stub route advertisements when you want to limit the OSPFv2 traffic through this router for a short time. See the "OSPFv2 Stub Router Advertisements" section.
Stub route advertisements can be configured with the following optional parameters:
•On startup—Sends stub route advertisements for the specified announce time.
•Wait for BGP—Sends stub router advertisements until BGP converges.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. max-metric router-lsa [on-startup [announce-time] [wait-for bgp tag]]
4. (Optional) copy running-config startup-config
Note You should not save the running configuration of a router when it is configured for a graceful shutdown because the router will continue to advertise a maximum metric after it is reloaded.
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the router where you want to configure stub route advertisements.
Step 3 Click the OSPF instance where you want to configure stub route advertisements.
Step 4 From the Details pane ,click the Global tab.
Step 5 Expand the Maximum Metric Advertisement section.
Step 6 To configure stub route advertisements only on startup,follow these steps:
a. Check the Advertise Max Metric in Router LSA - On Startup checkbox.
b. (Optional) To configure how long to advertise after startup, check the Announcement Time checkbox and enter a value in seconds.
c. (Optional) To send stub route advertisements until BGP converges, check the Wait for BGP checkbox and enter a value in the Tag field.
Step 7 To always configure stub route advertisements, check the Advertise Max Metric in Router LSA - Always checkbox.
Step 8 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to enable the stub router advertisements feature on startup for the default 600 seconds:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# max-metric router-lsa on-startup
switch(config-router)# copy running-config startup-config
Modifying the Default Timers
OSPFv2 includes a number of timers that control the behavior of protocol messages and shortest path first (SPF) calculations. OSPFv2 includes the following optional timer parameters:
•LSA arrival time—Sets the minimum interval allowed between LSAs arriving from a neighbor. LSAs that arrive faster than this time are dropped.
•Pacing LSAs—Set the interval at which LSAs are collected into a group and refreshed, checksummed, or aged. This timer controls how frequently LSA updates occur and optimizes how many are sent in an LSA update message (see the "Flooding and LSA Group Pacing" section).
•Throttle LSAs—Set rate limits for generating LSAs. This timer controls how frequently an LSA is generated if no topology change occurs.
•Throttle SPF calculation—Controls how frequently the SPF calculation is run.
At the interface level, you can also control the following timers:
•Retransmit interval—Sets the estimated time between successive LSAs.
•Transmit delay—Sets the estimated time to transmit an LSA to a neighbor.
See the "Configuring Networks in OSPFv2" section for information about the hello interval and dead timer.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. timers lsa-arrival msec
4. timers lsa-group-pacing seconds
5. timers throttle lsa start-time hold-interval max-time
6. timers throttle spf delay-time hold-time
7. interface type slot/port
8. no switchport
9. ip ospf hello-interval seconds
10. ip ospf dead-interval seconds
11. ip ospf retransmit-interval seconds
12. ip ospf transmit-delay seconds
13. (Optional) show ip ospf
14. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device where you want to configure stub route advertisements.
Step 3 Click the OSPF instance where you want to configure stub route advertisements.
Step 4 To configure global OSPFv2 timers, follow these steps:
a. From in the Details pane, click the Global tab.
b. Expand the Timers section.
c. (Optional) In the Min LSA Arrival Time field, enter a value from 1 to 600000.
The default is 1000 milliseconds.
d. (Optional) In the LSA Group Pacing Time field, enter a value from 1 to 1800.
The default is 240 seconds.
e. (Optional) In the Router LSA Hold Time field, enter a value from 1 to 600000.
The default is 5000 milliseconds.
f. (Optional) In the Network LSA Hold Time field, enter a value from 1 to 600000.
The default is 5000 milliseconds.
g. (Optional) In the Start Delay field, enter a value from 1 to 65535.
The default is 0 milliseconds.
h. (Optional) In the Min Hold Time field, enter a value from 1 to 65535.
The default is 1000 milliseconds.
i. (Optional) In the Max Wait Time field, enter a value from 1 to 65535.
The default is 5000 milliseconds.
Step 5 To configure interface OSPFv2 timers, follow these steps:
a. Click the Area tab in the Details pane.
A summary of the existing areas displays.
b. Click the area that you want to configure an interface in and click the Interfaces tab.
The list of existing interfaces in this area displays.
c. From the Hello Timers field, enter a value from 1 to 65535 to set the hello interval.
The default is 10 seconds.
d. From the Dead Timers field, enter a value from 1 to 65535 to set the dead interval.
The default is four times the hello interval, in seconds.
e. the Retrans Timers field, enter a value from 1 to 65535 to set the retransmition time.
The default is five seconds.
Step 6 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to control LSA flooding with the lsa-group-pacing option:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# timers lsa-group-pacing 300
switch(config-router)# copy running-config startup-config
Configuring Graceful Restart
Graceful restart is enabled by default. You can configure the following optional parameters for graceful restart in an OSPFv2 instance:
•Grace period—Configures how long neighbors should wait after a graceful restart has started before tearing down adjacencies.
•Helper mode disabled—Disables helper mode on the local OSPFv2 instance. OSPFv2 will not participate in the graceful restart of a neighbor.
•Planned graceful restart only—Configures OSPFv2 to support graceful restart only in the event of a planned restart.
BEFORE YOU BEGIN
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that all neighbors are configured for graceful restart with matching optional parameters set.
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. router ospf instance-tag
3. graceful-restart
4. (Optional) graceful-restart grace-period seconds
5. (Optional) graceful-restart helper-disable
6. (Optional) graceful-restart planned-only
7. (Optional) show ip ospf instance-tag
8. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > Unicast > OSPFv2-IPv4.
The Contents pane displays the OSPFv2 Device view tab and Network View tab (Figure 4-5).
Step 2 From the Device View tab, click the device that you want to configure graceful restart on.
Step 3 Click the OSPF instance that you want to configure graceful restart on.
Step 4 From the Details pane, click the Area tab.
A summary of the existing areas displays.
Step 5 Expand the Graceful Restart section.
The graceful restart parameters display.
Step 6 (Optional) To enable graceful restart, click the Enable Graceful Restart radio button.
This option is enabled by default.
Step 7 (Optional) To enable graceful restart only for planned restarts, click the Enable Only Planned Graceful Restart radio button.
Step 8 (Optional) To disable graceful restart, click the Disable Graceful Restart radio button.
Step 9 (Optional) In the Grace Period field, enter a value from 5 to 1800. The default is 60 seconds.
Step 10 (Optional) In the Notify Period field, enter a value from 4 to 19 seconds. The default is 15 seconds.
Step 11 (Optional) To enable the graceful restart helper function, check the Enable Graceful Restart Helper checkbox.
Step 12 (Optional) To flush existing routes during a nongraceful restart, check the Flush Routes on Non-graceful Restart checkbox.
Step 13 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to enable a graceful restart if it has been disabled and set the grace period to 120 seconds:
switch# configure terminal
switch(config)# router ospf 201
switch(config-router)# graceful-restart
switch(config-router)# graceful-restart grace-period 120
switch(config-router)# copy running-config startup-config
Restarting an OSPFv2 Instance
You can restart an OSPv2 instance. This clears all neighbors for the instance.
To restart an OSPFv2 instance and remove all associated neighbors, use the following command:
|
|
|
|---|---|
restart ospf instance-tag
Example: switch(config)# restart ospf 201 |
Restarts the OSPFv2 instance and removes all neighbors. |
Configuring OSPFv2 with Virtualization
You can configure multiple OSPFv2 instances in each VDC. You can also create multiple VRFs within each VDC and use the same or multiple OSPFv2 instances in each VRF. You assign an OSPFv2 interface to a VRF.
Note Configure all other parameters for an interface after you configure the VRF for an interface. Configuring a VRF for an interface deletes all the configuration for that interface.
BEFORE YOU BEGIN
Create the VDCs.
Ensure that you have enabled the OSPF feature (see the "Enabling the OSPFv2 Feature" section).
Ensure that you are in the correct VDC (or choose VDC from the Feature Selector pane).
Ensure that you are in the correct VDC (or use the switchto vdc command).
SUMMARY STEPS
1. configure terminal
2. vrf context vrf-name
3. router ospf instance-tag
4. vrf vrf-name
5. maximum-paths paths
6. interface interface-type slot/port
7. no switchport
8. vrf member vrf-name
9. ip-address ip-prefix/length
10. ip router ospf instance-tag area area-id
11. (Optional) copy running-config startup-config
DETAILED STEPS
Step 1 From the Feature Selector pane, choose Routing > VRF.
The Contents pane displays the summary table for VRFs.
Step 2 From the VRF summary table, click the device that you want to configure a VRF on.
Step 3 Choose VRF > Add New Routing Instance from the top menu.
Cisco NX-OS adds a new row to the VRF summary table .
Step 4 From the VRF Name field, enter a value. This must be a unique value for this device.
Step 5 (Optional) From the Routing fields, enter a static route for this VRF.
Step 6 Choose VRF > Add Interface from the top menu.
Cisco NX-OS adds a new row to the VRF summary table.
Step 7 From the Interface drop-down list, select the interface that you want to add to this VRF.
Step 8 (Optional) Choose File > Save from the top menu to save your changes.
This example shows how to create a VRF and add an interface to the VRF:
switch# configure terminal
switch(config)# vrf context NewVRF
switch(config)# router ospf 201
switch(config)# interface ethernet 1/2
switch(config-if)# no switchport
switch(config-if)# vrf member NewVRF
switch(config-if)# ip address 192.0.2.1/16
switch(config-if)# ip router ospf 201 area 0
switch(config)# copy running-config startup-config
RELATED TOPICS
<xref to field descriptions from VRF chapter>
Verifying the OSPFv2 Configuration
To display the OSPFv2 configuration information, perform one of the following tasks:
Displaying OSPFv2 Statistics
To display OSPFv2 statistics, use the following commands:
Configuration Examples for OSPFv2
This example shows how to configure OSPFv2:
feature ospf
router ospf 201
router-id 290.0.2.1
interface ethernet 1/2
no switchport
ip router ospf 201 area 0.0.0.10
ip ospf authentication
ip ospf authentication-key 0 mypass
Additional References
For additional information related to implementing OSPF, see the following sections:
•MIBs
Related Documents
MIBs
|
|
|
|---|---|
• • |
To locate and download MIBs, go to the following URL: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml |
Feature History for OSPFv2
Table 4-3 lists the release history for this feature.
|
|
|
|
|---|---|---|
BFD |
5.0(2)N1(1) |
This feature was introduced. |
OSPFv2 |
5.0(3)U1(1) |
This feature was introduced. |
Feedback