Configuring OSPF
December 2005 © Foundry Networks, Inc. 20 - 15
Authentication-key: OSPF supports three methods of authentication for each interface—none, simple password,
and MD5. Only one method of authentication can be active on an interface at a time. The default authentication
value is none, meaning no authentication is performed.
• The simple password method of authentication requires you to configure an alphanumeric password on an
interface. The simple password setting takes effect immediately. All OSPF packets transmitted on the
interface contain this password. Any OSPF packet received on the interface is checked for this password. If
the password is not present, then the packet is dropped. The password can be up to eight characters long.
• The MD5 method of authentication requires you to configure a key ID and an MD5 Key. The key ID is a
number from 1 – 255 and identifies the MD5 key that is being used. The MD5 key can be up to sixteen
alphanumeric characters long.
Cost: Indicates the overhead required to send a packet across an interface. You can modify the cost to
differentiate between 100 Mbps and 1000 Mbps (1 Gbps) links. The default cost is calculated by dividing 100
million by the bandwidth. For 10 Mbps links, the cost is 10. The cost for both 100 Mbps and 1000 Mbps links is 1,
because the speed of 1000 Mbps was not in use at the time the OSPF cost formula was devised.
Dead-interval: Indicates the number of seconds that a neighbor router waits for a hello packet from the current
router before declaring the router down. The value can be from 1 – 65535 seconds. The default is 40 seconds.
Hello-interval: Represents the length of time between the transmission of hello packets. The value can be
from 1 – 65535 seconds. The default is 10 seconds.
MD5-authentication activation wait time: The number of seconds the Layer 3 Switch waits until placing a new
MD5 key into effect. The wait time provides a way to gracefully transition from one MD5 key to another without
disturbing the network. The wait time can be from 0 – 14400 seconds. The default is 300 seconds (5 minutes).
MD5-authentication key ID and key: A method of authentication that requires you to configure a key ID and an
MD5 key. The key ID is a number from 1 – 255 and identifies the MD5 key that is being used. The MD5 key
consists of up to 16 alphanumeric characters. The MD5 is encrypted and included in each OSPF packet
transmitted.
Passive: When you configure an OSPF interface to be passive, that interface does not send or receive OSPF
route updates. By default, all OSPF interfaces are active and thus can send and receive OSPF route information.
Since a passive interface does not send or receive route information, the interface is in effect a stub network.
OSPF interfaces are active by default.
NOTE: This option affects all IP sub-nets configured on the interface. If you want to disable OSPF updates only
on some of the IP sub-nets on the interface, use the ospf-ignore or ospf-passive parameter with the ip address
command. See “Assigning an IP Address to an Ethernet Port” on page 16-17.
Priority: Allows you to modify the priority of an OSPF router. The priority is used when selecting the designated
router (DR) and backup designated routers (BDRs). The value can be from 0 – 255. The default is 1. If you set
the priority to 0, the Layer 3 Switch does not participate in DR and BDR election.
Retransmit-interval: The time between retransmissions of link-state advertisements (LSAs) to adjacent routers
for this interface. The value can be from 0 – 3600 seconds. The default is 5 seconds.
Transit-delay: The time it takes to transmit Link State Update packets on this interface. The value can be from
0 – 3600 seconds. The default is 1 second.
Encrypted Display of the Authentication String or MD5 Authentication Key
The optional 0 | 1 parameter with the authentication-key and md5-authentication key-id parameters affects
encryption.
For added security, FastIron devices encrypt display of the password or authentication string. Encryption is
enabled by default. The software also provides an optional parameter to disable encryption of a password or
authentication string, on an individual OSPF area or OSPF interface basis.
When encryption of the passwords or authentication strings is enabled, they are encrypted in the CLI regardless of
the access level you are using. In the Web management interface, the passwords or authentication strings are
encrypted at the read-only access level but are visible at the read-write access level.
The encryption option can be omitted (the default) or can be one of the following.
To Next Page
Loading...
Need help?
General
