OSPF Configuration
Mode Commands
The OSPF Configuration
sub-mode is used to configure the Open Shortest Path First (OSPF)
routing protocol. This mode includes commands that configure OSPF
routing parameters.
IMPORTANT:
The commands or keywords/variables
that are available are dependent on platform type, product version,
and installed license(s).
area authentication
Enables authentication
for the specified OSPF area.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] area { ipaddress | decimal_value } authentication [ message-digest ]
no
Disables authentication
for the specified area.
ipaddress
Specifies the IP address
of the area where authentication will be enabled in IPv4 dotted-decimal
notation.
decimal-value
Specifies the identification
number of the area where authentication will be enabled. This must
be an integer from 0 through 4294967295.
authentication
Sets the OSPF authentication
type to use the simple authentication method.
message-digest
Sets the OSPF authentication
type to use the message digest 5 (MD5) authentication method.
Usage:
Use this command to
enable authentication of OPSF areas.
Example:
The following command
enables authentication for an OSPF area defined by the IP address 192.168.100.10 and
the OSPF authentication type to MD5:
area 192.168.100.10
authentication message-digest
area default-cost
Configures the default
cost for an area.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] area { ipaddress | decimal_value } default-cost cost_value
no
Deletes the default
cost for the area.
ipaddress
Specifies the IP address
of the area in IPv4 dotted-decimal notation.
decimal-value
Specifies the identification
number of the area as an integer from 0 through 4294967295.
cost_value
Sets the default cost
to be configured for the specified area as an integer from 0 through 16777215.
Usage:
Use this command to
configure the default cost for an OSPF area.
Example:
The following command
sets the default cost for an OSPF area defined by the IP address 192.168.100.10 to 300:
area 192.168.100.10
default-cost 300
area nssa
Defines an area as
an NSSA (Not So Stubby Area) and configures OSPF parameters for
it.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] area { ipaddress | decimal_value } nssa [ default-information-originate ] [ no-redistribution ] [ no-summary ] [ translate-always ] [ translate-candidate ] [ translate-never ]
ipaddress
Specifies the IP address
of the NSSA in IPv4 dotted-decimal notation.
decimal-value
Specifies the identification
number of the NSSA area as an integer from 0 through 4294967295.
default-information-originate
Originates default
information to the NSSA area.
no-redistribution
Does not redistribute
external routes to the NSSA area.
no-summary
Does not inject inter-area
routes into NSSA.
translate-always
Configures the NSSA-ABR
(Area Border Router) to always translate
translate-candidate
Configure NSSA-ABR
for translate election. (This is enabled by default.)
translate-never
Configure NSSA-ABR
to never translate.
Usage:
Use this command to
define NSSA areas.
Example:
The following command
defines the area designated by the IP address 192.168.100.10 as
an NSSA area:
area 192.168.100.10 nssa
area stub
Defines an area as
an OSPF stub area.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] area { ipaddress | decimal_value } stub [ no-summary ]
ipaddress
Specifies the IP address
of the stub area in IPv4 dotted-decimal notation.
decimal-value
Specifies the identification
number of the stub area as an integer from 0 through 4294967295.
no-summary
Disables (stops) the
ABR (Area Border Router) from sending summary link state advertisements
(LSAs) into the stub area.
Usage:
Use this command to
define an OPSF area as a stub area.
Example:
The following command
defines the OSPF area defined by the IP address 192.168.100.10 as
a stub area:
area 192.168.100.10 stub
area virtual-link
Configures a virtual
link between an area that cannot be physically connected to the
network backbone and an area that is physically connected to the
network backbone.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] area { ipaddress | decimal_value } virtual-link router_id_address
no
Disables area virtual-link.
ipaddress
Specifies the IP address
of the transit area in IPv4 dotted-decimal notation.
decimal-value
Specifies The identification
number of the transit area as an integer from 0 through 4294967295.
router_id_address
Specifies the router
id of the ABR to be linked to in IPv4 dotted-decimal notation.
Usage:
Use this command to
create a virtual link between an area that is connected to the network backbone
and an area that cannot be connected to the network backbone.
Example:
The following command
creates a virtual link between the OSPF areas defined by the IP address 192.168.100.10 and
the IP address 192.168.200.20:
area 192.168.100.10
virtual-link 192.168.200.20
area virtual link
authentication
Configures the OSPF
authentication method to be used by the virtual link between an
area that cannot be physically connected to the network backbone
and an area that is physically connected to the network backbone.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] area { ipaddress | decimal_value } virtual-link router_id_address authentication { message-digest | null | text }
no
Disables area virtual
link authentication.
ipaddress
Specifies the IP address
of the transit ares in IPv4 dotted-decimal notation.
decimal-value
Specifies the identification
number of the transit area as an integer from 0 through 4294967295.
router_id_address
Specifies the router
id of the ABR to be linked to in IPv4 dotted-decimal notation.
authentication
Sets the OSPF authentication
type to use the simple authentication method.
message-digest
Sets the OSPF authentication
type to use the message digest (MD) authentication method.
null
Set the OSPF authentication
type to use no authentication, thus disabling either MD or clear text
methods.
text
Set the OSPF authentication
type to use the clear text authentication method.
Usage:
Use this command to
set the authentication method for a virtual link between an area
that is connected to the network backbone and an area that cannot
be connected to the network backbone.
Example:
The following command
sets the authentication method for a virtual link between the OSPF areas
defined by the IP address 192.168.100.10 and
the IP address 192.168.200.20 to
use no authentication:
area 192.168.100.10
virtual-link 192.168.200.2 null
area virtual-link
authentication-key
Configures the authentication
password for the virtual link between an area that cannot be physically
connected to the network backbone and an area that is physically connected
to the network backbone.
Privilege:
Security Administrator,
Administrator
Syntax
area { ipaddress | decimal_value } virtual-link router_id_address authentication-key { encrypted password encrypted_authentication_key | password authentication_key }
no area { ipaddress | decimal_value } virtual-link router_id_address authentication-key
no
Disables the area virtual
link authentication key.
ipaddress
Specifies the IP address
of the transit area in IPv4 dotted-decimal notation.
decimal-value
Specifies the identification
number of the transit area as an integer from 0 through 4294967295.
router_id_address
Specifies the router
id of the ABR to be linked to in IPv4 dotted-decimal notation.
encrypted password
encrypted_authentication_key is
an alphanumeric string of 1 through 523 characters.
Use this if you are
pasting a previously encrypted authentication key into the CLI command.
password authentication_key
The password to use
for authentication. authentication_key is
an alphanumeric string of 1 through 16 characters that denotes the
authentication password. This variable is entered in clear text
format.
Usage:
Use this command to
specify the authentication password for a virtual link between an
area that is connected to the network backbone and an area that
cannot be connected to the network backbone.
Example:
The following command
creates an authentication password of 123456 for
a virtual link between the OSPF areas defined by the IP address 192.168.100.10 and
the IP address 192.168.200.20:
area 192.168.100.10
virtual-link 192.168.200.20 authentication-key password 123456
area virtual link
intervals
Configures the interval
or delay type, and the delay time in seconds, for the virtual link
between an area that cannot be physically connected to the network
backbone and an area that is physically connected to the network
backbone.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] area { ipaddress | decimal_value } virtual-link router_id_address [ dead-interval value ] [ hello-interval value ] [ retransmit-interval value ] [ transmit-delay value ]
no
Disables the area
virtual link intervals.
ipaddress
Specifies the IP address
of the area in IPv4 dotted-decimal notation.
decimal-value
Specifies the identification
number of the transit area as an integer from 0 through 4294967295.
router_id_address
Specifies the router
id of the ABR to be linked to in IPv4 dotted-decimal notation.
dead-interval value
Specifies The interval
(in seconds) that the router should wait, during which time no packets are
received and after the router considers a neighboring router to
be off-line. value must
be an integer from 1 through 65535.
hello-interval value
Specifies the interval
(in seconds) before sending a hello packet. value must
be an integer from 1 through 65535.
retransmit-interval value
Specifies the interval
(in seconds) that router should wait before retransmitting a packet. value must
be an integer from 1 through 3600.
transmit-delay value
Specifies the interval
(in seconds) that the router should wait before transmitting a packet. value must
be an integer from 1 through 3600.
Usage:
Use this command to
set the intervals or delay types for a virtual link between an area
that is connected to the network backbone and an area that cannot
be connected to the network backbone.
Example:
The following command
sets the retransmit interval for a virtual link between the OSPF areas
defined by the IP address 192.168.100.10 and
the IP address 192.168.200.20 to 60 seconds:
area 192.168.100.10
virtual-link 192.168.200.20 retransmit-interval 60
area virtual link
message-digest-key
Enables the use of
MD5-based OSPF authentication for the virtual link between an area
that cannot be physically connected to the network backbone and
an area that is physically connected to the network backbone.
Privilege:
Security Administrator,
Administrator
Syntax
area { ipaddress | decimal_value } virtual-link router_id_address message-digest-key key_id md5 { encrypted password encrypted_authentication_key |
password authentication_key }
no area { ipaddress | decimal_value } virtual-link router_id_address message-digest-key key_id
no
Disables the area
virtual link message digest key.
ipaddress
Specifies the IP address
of the transit area in IPv4 dotted-decimal notation.
decimal-value
Specifies the identification
number of the transit area as an integer from 0 through 4294967295.
router_id_address
Specifies the router
id of the ABR to be linked to in IPV4 dotted-decimal notation.
message-digest-key key_id
Specifies the key
identifier number. key_id must
be an integer from 1 through 255.
encrypted password
Specifies the use of
an encrypted password. encrypted_authentication_key is
an alphanumeric string of 1 through 523 characters.
Used this if you are
pasting a previously encrypted authentication key into the CLI command.
password authentication_key
Specifies the password
to use for authentication. authentication_key is
an alphanumeric string from 1 through 16 characters that is entered
in clear text format.
Usage:
Use this command to
enable the use of MD5-based OSPF authentication for a virtual link between
an area that is connected to the network backbone and an area that
cannot be connected to the network backbone.
Example:
The following command
enables the use of MD5-based OSPF authentication for a virtual link
between the OSPF areas defined by the IP address 192.168.100.10 and
the IP address 192.168.200.20,
sets the MD5 Key ID to 25, and
the password to 123456:
area 192.168.100.10
virtual-link 192.168.200.20 message-digest-key 25 md5 password 123456
capability graceful-restart
Configures graceful-restart.
By default, this capability is set to enabled.
Privilege:
Security Administrator,
Administrator
Syntax
[ no | default ] capability graceful-restart
no
Disables the graceful-restart
capability.
default
Enables the graceful-restart
capability if it has been disabled.
Usage:
Use this command to
configure graceful-restart.
Example:
The following command
configures graceful-restart:
capability graceful-restart
default-information
originate
Creates a default
external route into an OSPF routing domain.
Privilege:
Security Administrator,
Administrator
Syntax
default-information originate
default-information originate [ always ] [ metric metric_value ] [ metric-type { 1 | 2 } ] [ route-map route_map_name ]
no default-information originate
no
Disables the default
external route.
always
Always advertise the
route regardless of whether or not the software has a default route.
metric metric_value
Sets the OSPF metric
used in creating the default rout as an integer from 1 through 16777214.
metric-type { 1 | 2 }
Sets the default route
metric type.
1: Sets the OSPF
external link type for default routes to Type 1.
2: Sets the OSPF
external link type for default routes to Type 2.
route-map route_map_name
Specifies the name
of the default route-map to be use as an alphanumeric string of
1 through 79 characters.
Usage:
Use this command to
set the default external route into an OSPF routing domain.
Example:
The following command
sets the default external route to originate from the route map named rmap1:
default-information
originate route-map rmap1
default-metric
Configures the default
metric value for the OSPF routing protocol. All OSPF interfaces
have a cost, which is a routing metric that is used in the link-state
calculation. Routes with lower total path metrics are preferred
over those with higher path metrics. When several equal-cost routes
to a destination exist, traffic is distributed equally among them.
The default metric is a global parameter that specifies the cost
applied to all OSPF routes by default.
Privilege:
Security Administrator,
Administrator
Syntax
default-metric metric_value
no default-metric
metric-value
Sets the metric value
expressed as an integer from 1 through 16777214. Default: 26385.
no
Enables or disables
the default metric value for OSPF.
Usage:
Use this command to
set the default metric for routes.
Example:
The following command
sets the default metric to 235:
default-metric 235
distance
Configures the OSPF
route administrative distances for all OSPF route types or based
on specific route type. Administrative distance is the measure used
by Cisco routers to select the best path when there are two or more
different routes to the same destination from two different routing
protocols. Administrative distance defines the reliability of a
routing protocol. Each routing protocol is prioritized in order
of most to least reliable (believable) using an administrative distance
value. A lower numerical value is preferred.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] distance { distance_value | ospf { [ external distance_value ] [ inter-area distance_value ] [ intra-area distance_value ] } }
no
Disables the OSPF
route administrative distances for all OSPF route types.
distance_value
Specifies the OSPF
route administrative distances as an integer from 1 to 255. The
default distance value is 110.
ospf { [ external distance_value ] [ inter-area distance_value ] [ intra-area distance_value ] }
Set the distance value
for the specified route type.
external distance_value:
Set the OSPF route administrative distance for routes from other
routing domains, learned by redistribution. This must be an integer
from 1 through 255. The default is 110.
inter-area distance_value: sets
the OSPF route administrative distance for routes from one routing
area to another. This must be an integer from 1 through 255. The
default is 110.
intra-area distance_value: sets
the OSPF route administrative distance for all routes within an
area. This must be an integer from 1 through 255. The default is
110.
no
Enables or disables
the specified option.
Usage:
Use this command to
set the administrative distance for OSPF routes.
Example:
The following command
sets the administrative distance for all OSPF route types to 30:
distance 30
distribute-list
Enables or disables
the filtering of networks in outgoing routing updates.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] distribute-list route_access_list out { connected | rip | static }
no
Disables the filtering
of networks in outgoing routing updates.
route_access_list
Specifies the name
of the OSPF route access list to use for filtering as an alphanumeric string
of 1 through 63 characters.
connected
Filters connected
routes.
rip
Filters RIP routes.
(RIP is not supported at this time.)
static
Filters static routes.
no
Disables the specified
option.
Usage:
Use this command to
enable the filtering of outgoing route updates by using the specified route
access list.
Example:
The following command
uses the route access list named
ral1 to
filter outgoing routing updates for all connected routes:
distribute-list ral1
out connected
end
Exits the current
configuration mode and returns to the Exec mode.
Privilege:
Security Administrator,
Administrator
Usage:
Use this command to
return to the Exec mode.
exit
Exits the current
mode and returns to the parent configuration mode.
Privilege:
Security Administrator,
Administrator
Usage:
Use this command to
return to the parent configuration mode.
ip vrf
Configures the Virtual
Routing and Forwarding (VRF) instances for OSPF routing protocol.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] ip vrf vrf_name
no
Disables the VRF instances
and removes the configured VRF context association for OSPF routing.
vrfvrf_name
Configures Virtual
Routing & Forwarding (VRF) parameters.
vrf_name is
name of a preconfigured VRF context configured in Context Configuration
Mode via the ip
vrf command. It is an alphanumeric string of 1 through
63 characters.
Usage:
Use this command to
configure the IP VRF forwarding also to associate the preconfigured VRF
context with the specific tunnel interface.
This command creates
and enters the OSPF VRF Configuration Mode if required to configure
the VRF context instances for OSPF routing.
Example:
The following command
enables preconfigured VRF context instance
ospf_vrf1 for
OSPF routing and enters the OSPF VRF Configuration mode:
ip vrf ospf_vrf1
neighbor
Configures OSPF routers
that interconnect to non-broadcast networks.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] neighbor ip_address [ poll-interval poll_interval_value ] [ priority priority_value ]
no
Disables OSPF routers
that interconnect to non-broadcast networks.
ip_address
Specifies the interface
IP address of the OSPF neighbor expressed using IPv4 dotted-decimal
notation.
poll-interval poll_interval_value
Default: 120
Sets the number of
seconds in the dead neighbor polling interval as an integer from
1 through 65535
priority priority_value
Default: 0
Sets the 8-bit number
that represents the router priority value of the non-broadcast neighbor associated
with the specified IP address. This must be an integer from 0 through
255. This keyword does not apply to point-to-multipoint interfaces.
Usage:
Use this command to
configure OSPF routers that connect to non-broadcast networks.
Example:
The following command
specifies an OSPF router neighbor with the IP address of
192.168.100.10:
neighbor 192.168.100.10
network area
Enables OSPF on an
interface and defines the OSPF area for that network.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] network network_ip_address / network_mask area { area_id | area_ip_address }
no
Disables OSPF on an
interface and defines the OSPF area for that network.
network_ip_address/network_mask
Specifies the network
address and mask as well as the interface on which OSPF will be enabled. network_ip_address in
entered in IPv4 dotted-decimal notation, followed by the “/” and
the mask (CIDR).
area_id
Specifies the OSPF
area identification number for the specified network as an integer
from 0 through 4294967295.
area_ip_address
Specifies the IP address
of the OSPF area for this network. This must be entered in IPv4 dotted-decimal
notation.
Usage:
Use this command to
specify the IP address of the network interface that the OSPF router will
use.
Example:
The following command
specified that the OSPF router will use the interface at IP address
192.168.1.0 with
a netmask of
24:
network 192.168.1.0/24
ospf graceful-restart
Configures OSPF graceful-restart
settings.
Privilege:
Security Administrator,
Administrator
Syntax
ospf graceful-restart { grace-period grace_period | helper { never | policy { only-reload | only-upgrade } } }
grace-period grace-period
Specifies the OSPF
graceful restart grace period (in seconds) as an integer from 1
through 1800. Default grace period is 60 seconds.
helper { never | policy { only-reload | only-upgrade } }
Helps configure OSPF
helper settings.
never: Do not allow
helper mode.
policy { only-reload | only-upgrade }:
Allows ospf graceful-restart helper mode.
- only-reload: Allows
ospf graceful-restart helper mode only for a reload.
- only-upgrade: Allows
ospf graceful-restart helper mode only for an upgrade.
Default is ospf graceful-restart
grace-period.
Usage:
Use this command to
configure graceful-restart specific settings.
Example:
The following command
sets the graceful restart grace period to
60 seconds:
ospf graceful-restart
grace-period 60
ospf graceful-restart
helper policy only-reloadL
ospf graceful-restart
helper policy only-upgrade
ospf router-id
This command configures
the router ID for the OSPF process.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] ospf router-id ip_address
no
Disables the router
ID for the OSPF process.
router-id ip_address
Specifies the router
ID for the OSPF process. ip_address is entered
using IPv4 dotted-decimal notation.
Usage:
Use this command to
set the router ID for the current OSPF router process.
Example:
The following command
sets the router ID to 192.168.200.1:
ospf router-id 192.168.200.1
passive-interface
Enables or disables
the suppression of OSPF routing updates on the specified interface.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] passive-interface interface_name
no
Disables the name
assigned to a logical interface within the specific context.
interface_name
Specifies the name
assigned to a logical interface within the specific context as an alphanumeric
string of 1 through 79 characters.
Usage:
Use this command to
suppress router updates on an interface in the current context.
Example:
The following command
suppresses OSPF routing updates on the interface named Intfc1:
passive-interface Intfc1
redistribute
Redistributes routes
from other protocols to OSPF neighbors using the OSPF protocol.
Privilege:
Security Administrator,
Administrator
Syntax
redistribute { connected | rip | static } [ metric metric_value ] [ metric-type { 1 | 2 } ] [ route-map route_map_name ]
no redistribute { connected | rip | static }
no
Disables the redistributed
routes.
connected
Redistributes connected
routes.
rip
Specifies that RIP
routes will be redistributed. (RIP is not supported at this time.)
static
Redistributes static
routes.
metric metric_value
Sets the OSPF metric
used in the redistributed route. This must be an integer from 1
through 16777214.
metric-type { 1 | 2 }
Default: 2
Sets route metric
type that is applied to redistributed routes.
1: Sets the OSPF
external link type for routes to Type 1.
2: Sets the OSPF
external link type for routes to Type 2.
route-map route_map_name
Filter routes through
the specified route map before redistribution. route_map_name specifies
the name of the route-map to use as an alphanumeric string of 1
through 79 characters.
Usage:
Use this command to
define what routing protocols should have their routes redistributed into
OSPF.
Example:
The following command
defines that BGP routes should be redistributed:
redistribute connected
refresh timer
Adjusts settings for
the OSPF refresh timer.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] refresh timer value
no
Disables the refresh
timer.
value
Default: 10
Specifies the minimum
amount of time (in seconds) to wait before refreshing a Link-state Advertisement
(LSA). This must be an integer from 10 through 1800.
Usage:
Use this command to
define the amount of time to wait before refreshing an LSA.
Example:
The following command
sets the refresh timer to
90 seconds:
refresh timer 90
router-id
Configures the router
ID for the OSPF process.
Privilege:
Security Administrator,
Administrator
Syntax
[ no ] router-id ip_address
no
Disables the router
ID for the OSPF process.
Specifies the router
ID for the OSPF process in IPv4 dotted-decimal notation.
Usage:
Use this command to
set the router ID for the current OSPF router process.
Example:
The following command
sets the router ID to
192.168.200.1:
router-id 192.168.200.1
timers spf
Sets the Shortest
Path First (SPF) timers.
Privilege:
Security Administrator,
Administrator
Syntax
timers spf delay_value hold_time_value
no timers spf
delay_value
Default: 5
Specifies the delay
time (in seconds) between receiving changes to an SPF calculation.
This must be an integer from 0 through 4294967295.
hold_time_value
Default: 10
Specifies the hold
time (in seconds) between consecutive SPF calculations. This must
be an integer from 0 through 4294967295.
Usage:
Use this command to
set the SPF delay and hold timers for the current OSPF router process.
Example:
The following command
sets the delay timer to
15 and the
hold timer to
15:
timers spf 15 15