The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes how to configure Open Shortest Path First version 2 (OSPFv2) for IPv4 networks.
This chapter includes the following sections:
OSPFv2 is an IETF link-state protocol (see the “Link-State Protocols” section) for IPv4 networks. An OSPFv2 router sends a special message, called a hello packet , out each OSPF-enabled interface to discover other OSPFv2 neighbor routers. Once a neighbor is discovered, the two routers compare information in the Hello packet to determine if the routers have compatible configurations. The neighbor routers attempt to establish adjacency, which means that the routers synchronize their link-state databases to ensure that they have identical OSPFv2 routing information. Adjacent routers share link-state advertisements (LSAs) that include information about the operational state of each link, the cost of the link, and any other neighbor information. The routers then flood these received LSAs out every OSPF-enabled interface so that all OSPFv2 routers eventually have identical link-state databases. When all OSPFv2 routers have identical link-state databases, the network is converged (see the “Convergence” section). Each router then uses Dijkstra’s Shortest Path First (SPF) algorithm to build its route table.
You can divide OSPFv2 networks into areas. Routers send most LSAs only within one area, which reduces the CPU and memory requirements for an OSPF-enabled router.
OSPFv2 supports IPv4, while OSPFv3 supports IPv6. For more information, see Chapter7, “Configuring OSPFv3”
This section includes the following topics:
OSPFv2 routers periodically send Hello packets on every OSPF-enabled interface. The hello interval determines how frequently the router sends these Hello packets and is configured per interface. OSPFv2 uses Hello packets for the following tasks:
The Hello packet contains information about the originating OSPFv2 interface and router, including the assigned OSPFv2 cost of the link, the hello interval, and optional capabilities of the originating router. An OSPFv2 interface that receives these Hello packets determines if the settings are compatible with the receiving interface settings. Compatible interfaces are considered neighbors and are added to the neighbor table (see the “Neighbors” section).
Hello packets also include a list of router IDs for the routers that the originating interface has communicated with. If the receiving interface sees its own router ID in this list, then bidirectional communication has been established between the two interfaces.
OSPFv2 uses Hello packets as a keepalive message to determine if a neighbor is still communicating. If a router does not receive a Hello packet by the configured dead interval (usually a multiple of the hello interval), then the neighbor is removed from the local neighbor table.
An OSPFv2 interface must have a compatible configuration with a remote interface before the two can be considered neighbors. The two OSPFv2 interfaces must match the following criteria:
If there is a match, the following information is entered into the neighbor table:
Not all neighbors establish adjacency. Depending on the network type and designated router establishment, some neighbors become fully adjacent and share LSAs with all their neighbors, while other neighbors do not. For more information, see the “Designated Routers” section.
Adjacency is established using Database Description packets, Link State Request packets, and Link State Update packets in OSPF. The Database Description packet includes just the LSA headers from the link-state database of the neighbor (see the “Link-State Database” section). The local router compares these headers with its own link-state database and determines which LSAs are new or updated. The local router sends a Link State Request packet for each LSA that it needs new or updated information on. The neighbor responds with a Link State Update packet. This exchange continues until both routers have the same link-state information.
Networks with multiple routers present a unique situation for OSPF. If every router floods the network with LSAs, the same link-state information will be sent from multiple sources. Depending on the type of network, OSPFv2 might use a single router, the designated router ( DR), to control the LSA floods and represent the network to the rest of the OSPFv2 area (see the “Areas” section). If the DR fails, OSPFv2 selects a backup designated router (BDR). If the DR fails, OSPFv2 uses the BDR.
The DR and BDR are selected based on the information in the Hello packet. When an interface sends a Hello packet, it sets the priority field and the DR and BDR field if it knows who the DR and BDR are. The routers follow an election procedure based on which routers declare themselves in the DR and BDR fields and the priority field in the Hello packet. As a final tie breaker, OSPFv2 chooses the highest router IDs as the DR and BDR.
All other routers establish adjacency with the DR and the BDR and use the IPv4 multicast address 224.0.0.6 to send LSA updates to the DR and BDR. Figure 6-1 shows this adjacency relationship between all routers and the DR.
DRs are based on a router interface. A router might be the DR for one network and not for another network on a different interface.
Figure 6-1 DR in Multi-Access Network
The ABR has a separate link-state database for each area to which it connects. The ABR sends Network Summary (type 3) LSAs (see the “Route Summarization” section) from one connected area to the backbone area. The backbone area sends summarized information about one area to another area. In Figure 6-2, Area 0 sends summarized information about Area 5 to Area 3.
OSPFv2 defines one other router type: the autonomous system boundary router (ASBR). This router connects an OSPFv2 area to another autonomous system. An autonomous system is a network controlled by a single technical administration entity. OSPFv2 can redistribute its routing information into another autonomous system or receive redistributed routes from another autonomous system. For more information, see “Advanced Features” section.)
OSPFv2 uses link-state advertisements (LSAs) to build its routing table.
Table 6-1 shows the LSA types supported by Cisco NX-OS.
|
|
|
---|---|---|
LSA sent by every router. This LSA includes the state and the cost of all links and a list of all OSPFv2 neighbors on the link. Router LSAs trigger an SPF recalculation. Router LSAs are flooded to local OSPFv2 area. |
||
LSA sent by the DR. This LSA lists all routers in the multi-access network. Network LSAs trigger an SPF recalculation. See the “Designated Routers” section. |
||
LSA sent by the area border router to an external area for each destination in the local area. This LSA includes the link cost from the area border router to the local destination. See the “Areas” section. |
||
LSA sent by the area border router to an external area. This LSA advertises the link cost to the ASBR only. See the “Areas” section. |
||
LSA generated by the ASBR. This LSA includes the link cost to an external autonomous system destination. AS External LSAs are flooded throughout the autonomous system. See the “Areas” section. |
||
LSA generated by the ASBR within a not-so-stubby area (NSSA). This LSA includes the link cost to an external autonomous system destination. NSSA External LSAs are flooded only within the local NSSA. See the “Areas” section. |
||
LSA used to extend OSPF. See the “Opaque LSAs” section. |
Each OSPFv2 interface is assigned a link cost. The cost is an arbitrary number. By default, Cisco NX-OS assigns a cost that is the configured reference bandwidth divided by the interface bandwidth. By default, the reference bandwidth is 40 Gb/s. The link cost is carried in the LSA updates for each link.
When an OSPFv2 router receives an LSA, it forwards that LSA out every OSPF-enabled interface, flooding the OSPFv2 area with this information. This LSA flooding guarantees that all routers in the network have identical routing information. LSA flooding depends on the OSPFv2 area configuration (see the “Areas” section). The LSAs are flooded based on the link-state refresh time (every 30 minutes by default). Each LSA has its own link-state refresh time.
You can control the flooding rate of LSA updates in your network by using the LSA group pacing feature. LSA group pacing can reduce high CPU or buffer utilization. This feature groups LSAs with similar link-state refresh times to allow OSPFv2 to pack multiple LSAs into an OSPFv2 Update message.
By default, LSAs with link-state refresh times within four minutes of each other are grouped together. You should lower this value for large link-state databases or raise it for smaller databases to optimize the OSPFv2 load on your network.
Each router maintains a link-state database for the OSPFv2 network. This database contains all the collected LSAs, and includes information on all the routes through the network. OSPFv2 uses this information to calculate the bast path to each destination and populates the routing table with these best paths.
LSAs are removed from the link-state database if no LSA update has been received within a set interval, called the MaxAge. Routers flood a repeat of the LSA every 30 minutes to prevent accurate link-state information from being aged out. Cisco NX-OS supports the LSA grouping feature to prevent all LSAs from refreshing at the same time. For more information, see the “Flooding and LSA Group Pacing” section.
Opaque LSAs allow you to extend OSPF functionality. Opaque LSAs consist of a standard LSA header followed by application-specific information. This information might be used by OSPFv2 or by other applications. OSPFv2 uses Opaque LSAs to support OSPFv2 Graceful Restart capability (see the “High Availability and Graceful Restart” section). Three Opaque LSA types are defined as follows:
OSPFv2 runs the Dijkstra shortest path first algorithm on the link-state database. This algorithm selects the best path to each destination based on the sum of all the link costs for each link in the path. The resultant shortest path for each destination is then put in the OSPFv2 route table. When the OSPFv2 network is converged, this route table feeds into the unicast RIB. OSPFv2 communicates with the unicast RIB to do the following:
OSPFv2 also runs a modified Dijkstra algorithm for fast recalculation for summary and external (type 3, 4, 5, and 7) LSA changes.
You can configure authentication on OSPFv2 messages to prevent unauthorized or invalid routing updates in your network. Cisco NX-OS supports two authentication methods:
You can configure the OSPFv2 authentication for an OSPFv2 area or per interface.
Simple password authentication uses a simple clear-text password that is sent as part of the OSPFv2 message. The receiving OSPFv2 router must be configured with the same clear-text password to accept the OSPFv2 message as a valid route update. Because the password is in clear text, anyone who can watch traffic on the network can learn the password.
You should use MD5 authentication to authenticate OSPFv2 messages. You configure a password that is shared at the local router and all remote OSPFv2 neighbors. For each OSPFv2 message, Cisco NX-OS creates an MD5 one-way message digest based on the message itself and the encrypted password. The interface sends this digest with the OSPFv2 message. The receiving OSPFv2 neighbor validates the digest using the same encrypted password. If the message has not changed, the digest calculation is identical and the OSPFv2 message is considered valid.
MD5 authentication includes a sequence number with each OSPFv2 message to ensure that no message is replayed in the network.
Cisco NX-OS supports a number of advanced OSPFv2 features that enhance the usability and scalability of OSPFv2 in the network. This section includes the following topics:
You can limit the amount of external routing information that floods an area by making it a stub area. A stub area is an area that does not allow AS External (type 5) LSAs (see the “Link-State Advertisements” section). These LSAs are usually flooded throughout the local autonomous system to propagate external route information. Stub areas have the following requirements:
Figure 6-3 shows an example of an OSPFv2 autonomous system where all routers in area 0.0.0.10 have to go through the ABR to reach external autonomous systems. area 0.0.0.10 can be configured as a stub area.
Stub areas use a default route for all traffic that needs to go through the backbone area to the external autonomous system. The default route is 0.0.0.0 for IPv4.
A Not-so-Stubby Area ( NSSA) is similar to a stub area, except that an NSSA allows you to import autonomous system external routes within an NSSA using redistribution. The NSSA ASBR redistributes these routes and generates NSSA External (type 7) LSAs that it floods throughout the NSSA. You can optionally configure the ABR that connects the NSSA to other areas to translate this NSSA External LSA to AS External (type 5) LSAs. The ABR then floods these AS External LSAs throughout the OSPFv2 autonomous system. Summarization and filtering are supported during the translation. See the “Link-State Advertisements” section for details on NSSA External LSAs.
You can, for example, use NSSA to simplify administration if you are connecting a central site using OSPFv2 to a remote site that is using a different routing protocol. Before NSSA, the connection between the corporate site border router and a remote router could not be run as an OSPFv2 stub area because routes for the remote site could not be redistributed into a stub area. With NSSA, you can extend OSPFv2 to cover the remote connection by defining the area between the corporate router and remote router as an NSSA (see the “Configuring NSSA” section).
Virtual links allow you to connect an OSPFv2 area ABR to a backbone area ABR when a direct physical connection is not available. Figure 6-4 shows a virtual link that connects Area 3 to the backbone area through Area 5.
You can also use virtual links to temporarily recover from a partitioned area, which occurs when a link within the area fails, isolating part of the area from reaching the designated ABR to the backbone area.
OSPFv2 can learn routes from other routing protocols by using route redistribution. See the “Route Redistribution” section. You configure OSPFv2 to assign a link cost for these redistributed routes or a default link cost for all redistributed routes.
Route redistribution uses route maps to control which external routes are redistributed. You must configure a route map with the redistribution to control which routes are passed into OSPFv2. A route map allows you to filter routes based on attributes such as the destination, origination protocol, route type, route tag, and so on. You can use route maps to modify parameters in the AS External (type 5) and NSSA External (type 7) LSAs before these external routes are advertised in the local OSPFv2 autonomous system. See “Configuring Route Policy Manager,” for details on configuring route maps.
Because OSPFv2 shares all learned routes with every OSPF-enabled router, you might want to use route summarization to reduce the number of unique routes that are flooded to every OSPF-enabled router. Route summarization simplifies route tables by replacing more-specific addresses with an address that represents all the specific addresses. For example, you can replace 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24 with one summary address, 10.1.0.0/16.
Typically, you would summarize at the boundaries of area border routers (ABRs). Although you could configure summarization between any two areas, it is better to summarize in the direction of the backbone so that the backbone receives all the aggregate addresses and injects them, already summarized, into other areas. The two types of summarization are as follows:
You configure inter-area route summarization on ABRs, summarizing routes between areas in the autonomous system. To take advantage of summarization, you should assign network numbers in areas in a contiguous way to be able to lump these addresses into one range.
External route summarization is specific to external routes that are injected into OSPFv2 using route redistribution. You should make sure that external ranges that are being summarized are contiguous. Summarizing overlapping ranges from two different routers could cause packets to be sent to the wrong destination. Configure external route summarization on ASBRs that are redistributing routes into OSPF.
When you configure a summary address, Cisco NX-OS automatically configures a discard route for the summary address to prevent routing black holes and route loops.
Cisco NX-OS provides a multilevel high-availability architecture. OSPFv2 supports stateful restart, which is also referred to as non-stop routing (NSR). If OSPFv2 experiences problems, it attempts to restart from its previous run-time state. The neighbors do not register any neighbor event in this case. If the first restart is not successful and another problem occurs, OSPFv2 attempts a graceful restart.
A graceful restart, or nonstop forwarding (NSF), allows OSPFv2 to remain in the data forwarding path through a process restart. When OSPFv2 needs to perform a graceful restart, it sends a link-local opaque (type 9) LSA, called a grace LSA (see the “Opaque LSAs” section). This restarting OSPFv2 platform is called NSF capable.
The grace LSA includes a grace period, which is a specified time that the neighbor OSPFv2 interfaces hold onto the LSAs from the restarting OSPFv2 interface. (Typically, OSPFv2 tears down the adjacency and discards all LSAs from a down or restarting OSPFv2 interface.) The participating neighbors, which are called NSF helpers, keep all LSAs that originate from the restarting OSPFv2 interface as if the interface was still adjacent.
When the restarting OSPFv2 interface is operational again, it rediscovers its neighbors, establishes adjacency, and starts sending its LSA updates again. At this point, the NSF helpers recognize that the graceful restart has finished.
You can configure an OSPFv2 interface to act as a stub router using the OSPFv2 Stub Router Advertisements feature. Use this feature when you want to limit the OSPFv2 traffic through this router, such as when you want to introduce a new router to the network in a controlled manner or limit the load on a router that is already overloaded. You might also want to use this feature for various administrative or traffic engineering reasons.
OSPFv2 stub router advertisements do not remove the OSPFv2 router from the network topology, but they do prevent other OSPFv2 routers from using this router to route traffic to other parts of the network. Only the traffic that is destined for this router or directly connected to this router is sent.
OSPFv2 stub router advertisements mark all stub links (directly connected to the local router) to the cost of the local OSPFv2 interface. All remote links are marked with the maximum cost (0xFFFF).
Cisco NX-OS supports multiple instances of the OSPFv2 protocol that run on the same node. You cannot configure multiple instances over the same interface. By default, every instance uses the same system router ID. You must manually configure the router ID for each instance if the instances are in the same OSPFv2 autonomous system.
Cisco NX-OS optimizes the SPF algorithm in the following ways:
OSPFv2 supports Virtual Routing and Forwarding instances (VRFs). VRFs exist within virtual device contexts (VDCs). By default, Cisco NX-OS places you in the default VDC and default VRF unless you specifically configure another VDC and VRF. You can have up to four instances of OSPFv2 in a VDC. Each OSPFv2 instance can support multiple VRFs, up to the system limit. For more information, see the Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 4.x and see Chapter14, “Configuring Layer 3 Virtualization”
The following table shows the licensing requirements for this feature:
OSPFv2 has the following prerequisites:
OSPFv2 has the following configuration guidelines and limitations:
Note If you are familiar with the Cisco IOS CLI, be aware that the Cisco NX-OS commands for this feature might differ from the Cisco IOS commands that you would use.
Configure OSPFv2 after you have designed your OSPFv2 network.
This section includes the following topics:
You must enable the OSPFv2 feature before you can configure OSPFv2.
Ensure that you are in the correct VDC (or use the switchto vdc command).
|
|
|
---|---|---|
Use the no feature ospf command to disable the OSPFv2 feature and remove all associated configuration.
|
|
---|---|
Disables the OSPFv2 feature and removes all associated configuration. |
The first step in configuring OSPFv2 is to create an OSPFv2 instance. You assign a unique instance tag for this OSPFv2 instance. The instance tag can be any string.
For more information about OSPFv2 instance parameters, see the “Configuring Advanced OSPFv2” section.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Use the show ip ospf instance-tag command to verify that the instance tag is not in use.
OSPFv2 must be able to obtain a router identifier (for example, a configured loopback address) or you must configure the router ID option.
Ensure that you are in the correct VDC (or use the switchto vdc command).
Use the no router ospf command to remove the OSPFv2 instance and all associated configuration.
|
|
---|---|
Note This command does not remove OSPF configuration in interface mode. You must manually remove any OSPFv2 commands configured in interface mode.
You can configure optional parameters for OSPF.
For more information about OSPFv2 instance parameters, see the “Configuring Advanced OSPFv2” section.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
OSPFv2 must be able to obtain a router identifier (for example, a configured loopback address) or you must configure the router ID option.
Ensure that you are in the correct VDC (or use the switchto vdc command).
You can configure the following optional parameters for OSPFv2 in router configuration mode:
The following example shows how to create an OSPFv2 instance:
switch(config)# router ospf 201
switch(config-router)# copy running-config startup-config
You can configure a network to OSPFv2 by associating it through the interface that the router uses to connect to that network (see the “Neighbors” section). You can add all networks to the default backbone area (Area 0), or you can create new areas using any decimal number or an IP address.
Note All areas must connect to the backbone area either directly or through a virtual link.
Note OSPF is not enabled on an interface until you configure a valid IP address for that interface.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that you are in the correct VDC (or use the switchto vdc command).
2. interface interface-type slot/port
3. ip address ip-prefix/length
4. ip router ospf instance-tag area area-id [ secondaries none ]
5. show ip ospf instance-tag interface interface-type slot/por t
|
|
|
---|---|---|
interface interface-type slot/port |
||
ip router ospf instance-tag area area-id [ secondaries none ] |
||
show ip ospf instance-tag interface interface-type slot/port |
||
You can configure the following optional parameters for OSPFv2 in interface configuration mode:
|
|
---|---|
Configures the OSPFv2 cost metric for this interface. The default is to calculate cost metric, based on reference bandwidth and interface bandwidth. The range is from 1 to 65535. |
|
Configures the OSPFv2 dead interval, in seconds. The range is from 1 to 65535. The default is four times the hello interval, in seconds. |
|
Configures the OSPFv2 hello interval, in seconds. The range is from 1 to 65535. The default is 10 seconds. |
|
Configures OSPFv2 to ignore any IP MTU mismatch with a neighbor. The default is to not establish adjacency if the neighbor MTU does not match the local interface MTU. |
|
Configures the OSPFv2 priority, used to determine the DR for an area. The range is from 0 to 255. The default is 1. See the “Designated Routers” section. |
|
The following example shows how to add a network area 0.0.0.10 in OSPFv2 instance 201:
switch(config)# interface ethernet 1/2
switch(config-if)# ip address 192.0.2.1/16
switch(config-if)# ip router ospf 201 area 0.0.0.10
switch(config-if)# copy running-config startup-config
Use the show ip ospf interface command to verify the interface configuration. Use the show ip ospf neighbor command to see the neighbors for this interface.
You can configure authentication for all networks in an area or for individual interfaces in the area. Interface authentication configuration overrides area authentication.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that all neighbors on an interface share the same authentication configuration, including the shared authentication key.
Create the key-chain for this authentication configuration. See the Cisco NX-OS Security Configuration Guide.
Note For OSPFv2, the key identifier in the key key-id command supports values from 0 to 255 only.
Ensure that you are in the correct VDC (or use the switchto vdc command).
3. area area-id authentication [ message-digest ]
4. interface interface-type slot/port
5. ip ospf authentication-key [ 0 | 3 ] key
ip ospf message-digest-key key-id md5 [ 0 | 3 ] key
6. show ip ospf instance-tag interface interface-type slot/por t
You can configure authentication for individual interfaces in the area. Interface authentication configuration overrides area authentication.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that all neighbors on an interface share the same authentication configuration, including the shared authentication key.
Create the key-chain for this authentication configuration. See the Cisco NX-OS Security Configuration Guide.
Note For OSPFv2, the key identifier in the key key-id command supports values from 0 to 255 only.
Ensure that you are in the correct VDC (or use the switchto vdc command).
2. interface interface-type slot/port
3. ip ospf authentication [ message-diges t]
4. ip ospf authentication key-chain key-id (Optional)
5. ip ospf authentication-key [ 0 | 3 ] key (Optional)
ip ospf message-digest-key key-id md5 [ 0 | 3 ] key (Optional)
6. show ip ospf instance-tag interface interface-type slot/por t
The following example shows how to set an interface for simple, unencrypted passwords and set the password for Ethernet interface 1/2:
switch(config)# router ospf 201
switch(config)# interface ethernet 1/2
switch(config-if)# ip router ospf 201 area 0.0.0.10
switch(config-if)# ip ospf authentication
switch(config-if)# ip ospf authentication-key 0 mypass
switch(config-if)# copy running-config startup-config
Configure OSPFv2 after you have designed your OSPFv2 network.
This section includes the following topics:
You can separate your OSPFv2 domain into a series of areas that contain related networks. All areas must connect to the backbone area through an area border router (ABR). OSPFv2 domains can connect to external domains as well, through an autonomous system border router (ASBR). See the “Areas” section.
ABRs have the following optional configuration parameters:
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Create the route map that the filter list uses to filter IP prefixes in incoming or outgoing Network Summary (type 3) LSAs. See Chapter16, “Configuring Route Policy Manager”
Ensure that you are in the correct VDC (or use the switchto vdc command).
3. area area-id filter-list route-map map-name {in | out}
The following example shows how to configure a filter list in area 0.0.0.10:
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 filter-list route-map FilterLSAs in
switch(config-router)# copy running-config startup-config
You can configure a stub area for part of an OSPFv2 domain where external traffic is not necessary. Stub areas block AS External (type 5) LSAs, limiting unnecessary routing to and from selected networks. See the “Stub Area” section. You can optionally block all summary routes from going into the stub area.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that there are no virtual links or ASBRs in the proposed stub area.
Ensure that you are in the correct VDC (or use the switchto vdc command).
The following example shows how to create a stub area:
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 stub
switch(config-router)# copy running-config startup-config
You can create a totally stubby area and prevent all summary route updates from going into the stub area.
To create a totally stubby area, use the following command in router configuration mode:
|
|
---|---|
You can configure an NSSA for part of an OSPFv2 domain where limited external traffic is required. See the “Not-So-Stubby Area” section. You can optionally translate this external traffic to an AS External (type 5) LSA and flood the OSPFv2 domain with this routing information. An NSSA can be configured with the following optional parameters:
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that there are no virtual links in the proposed NSSA and that it is not the backbone area.
Ensure that you are in the correct VDC (or use the switchto vdc command).
3. area area-id nssa [ no-redistribution ] [ default-information-originate [ route-map map-name ]] [ no-summary ] [ translate type7 { always | never } [ suppress-fa ]]
The following example shows how to create an NSSA that blocks all summary route updates:
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 nssa no-summary
switch(config-router)# copy running-config startup-config
The following example shows how to create an NSSA that generates a default route:
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 nssa default-info-originate
switch(config-router)# copy running-config startup-config
The following example shows how to create an NSSA that filters external routes and blocks all summary route updates:
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 nssa route-map ExternalFilter no-summary
switch(config-router)# copy running-config startup-config
The following example shows how to create an NSSA that always translates NSSA External (type 5) LSAs to AS External (type 7) LSAs:
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 nssa translate type 7 always
switch(config-router)# copy running-config startup-config
A virtual link connects an isolated area to the backbone area through an intermediate area. See the “Virtual Links” section. You can configure the following optional parameters for a virtual link:
Note You must configure the virtual link on both routers involved before the link becomes active.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that you are in the correct VDC (or use the switchto vdc command).
3. area area-id virtual-link router-id
You can configure the following optional commands in virtual link configuration mode:
The following example shows how to create a simple virtual link between two ABRs.
The configuration for ABR 1 (router ID 27.0.0.55) is as follows:
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 virtual-link 10.1.2.3
switch(config-router)# copy running-config startup-config
The configuration for ABR 2 (Router ID 10.1.2.3) is as follows:
switch(config)# router ospf 101
switch(config-router)# area 0.0.0.10 virtual-link 27.0.0.55
switch(config-router)# copy running-config startup-config
You can redistribute routes learned from other routing protocols into an OSPFv2 autonomous system through the ASBR.
You can configure the following optional parameters for route redistribution in OSPF:
Note Default information originate ignores match statements in the optional route map.
Note If you redistribute static routes, Cisco NX-OS also redistributes the default static route.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Create the necessary route maps used for redistribution.
Ensure that you are in the correct VDC (or use the switchto vdc command).
3. redistribute { bgp id | direct | eigrp id | isis id | ospf id | rip id | static } route-map map-name
4. default-information originate [ always ] [ route-map map-name ]
The following example shows how to redistribute the Border Gateway Protocol (BGP) into OSPF:
switch(config)# router ospf 201
switch(config-router)# redistribute bgp route-map FilterExternalBGP
switch(config-router)# copy running-config startup-config
Route redistribution can add many routes to the OSPFv2 route table. You can configure a maximum limit to the number of routes accepted from external protocols. OSPFv2 provides the following options to configure redistributed route limits:
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that you are in the correct VDC (or use the switchto vdc command).
3. redistribute { bgp id | direct| eigrp id | isis id | ospf id | rip id | static } route-map map-name
4. redistribute maximum-prefix max [ threshold ] [ warning-only | withdraw [ num-retries timeout ]]
The following example shows how to limit the number of redistributed routes into OSPF:
switch(config)# router ospf 201
switch(config-router)# redistribute bgp route-map FilterExternalBGP
switch(config-router)# redistribute maximum-prefix 1000 75
You can configure route summarization for inter-area routes by configuring an address range that is summarized. You can also configure route summarization for external, redistributed routes by configuring a summary address for those routes on an ASBR. See the “Route Summarization” section.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that you are in the correct VDC (or use the switchto vdc command).
3. area area-id range ip-prefix/length [ no-advertise ]
4. summary-address ip-prefix/length [ no-advertise | tag tag-id ]
The following example shows how to create summary addresses between areas on an ABR:
switch(config)# router ospf 201
switch(config-router)# area 0.0.0.10 range 10.3.0.0/16
switch(config-router)# copy running-config startup-config
The following example shows how to create summary addresses on an ASBR;
switch(config)# router ospf 201
switch(config-router)# summary-address 10.5.0.0/16
switch(config-router)# copy running-config startup-config
Use Stub Route Advertisements when you want to limit the OSPFv2 traffic through this router for a short time. See the “OSPFv2 Stub Router Advertisements” section.
Stub route advertisements can be configured with the following optional parameters:
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that you are in the correct VDC (or use the switchto vdc command).
3. max-metric router-lsa [ on-startup [ announce-time ] [ wait-for bgp tag ]]
4. copy running-config startup-config
Note You should not save the running configuration of a router when it is configured for a graceful shutdown because the router will continue to advertise a maximum metric after it is reloaded.
The following example shows how to enable the Stub Router Advertisements feature on startup for the default 600 seconds:
switch(config)# router ospf 201
switch(config-router)# max-metric router-lsa on-startup
switch(config-router)# copy running-config startup-config
OSPFv2 includes a number of timers that control the behavior of protocol messages and shortest path first (SPF) calculations. OSPFv2 includes the following optional timer parameters:
At the interface level, you can also control the following timers:
See the “Configuring Networks in OSPFv2” section for information about the hello interval and dead timer.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that you are in the correct VDC (or use the switchto vdc command).
4. timers lsa-group-pacing seconds
5. timers throttle lsa start-time hold-interval max-time
6. timers throttle spf delay-time hold-time
8. ip ospf hello-interval seconds
9. ip ospf dead-interval seconds
10. ip ospf retransmit-interval seconds
The following example shows how to control LSA flooding with the lsa-group-pacing option:
switch(config)# router ospf 201
switch(config-router)# timers lsa-group-pacing 300
switch(config-router)# copy running-config startup-config
Graceful restart is enabled by default. You can configure the following optional parameters for graceful restart in an OSPFv2 instance:
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that all neighbors are configured for graceful restart with matching optional parameters set.
Ensure that you are in the correct VDC (or use the switchto vdc command).
4. graceful-restart grace-period seconds
5. graceful-restart helper-disable
The following example shows how to enable a graceful restart if it has been disabled and set the grace period to 120 seconds:
switch(config)# router ospf 201
switch(config-router)# graceful-restart
switch(config-router)# graceful-restart grace-period 120
switch(config-router)# copy running-config startup-config
You can restart an OSPv2 instance. This clears all neighbors for the instance.
To restart an OSPFv2 instance and remove all associated neighbors, use the following command:
|
|
---|---|
You can configure multiple OSPFv2 instances in each VDC. You can also create multiple VRFs within each VDC and use the same or multiple OSPFv2 instances in each VRF. You assign an OSPFv2 interface to a VRF.
Note Configure all other parameters for an interface after you configure the VRF for an interface. Configuring a VRF for an interface deletes all the configuration for that interface.
Ensure that you have enabled the OSPF feature (see the “Enabling the OSPFv2 Feature” section).
Ensure that you are in the correct VDC (or use the switchto vdc command).
6. <optional parameters configured>
7. interface interface-type slot/port
9. ip-address ip-prefix/length
The following example shows how to create a VRF and add an interface to the VRF:
switch(config)# vrf context NewVRF
switch(config)# router ospf 201
switch(config)# interface ethernet 1/2
switch(config-if)# vrf member NewVRF
switch(config-if)# ip address 192.0.2.1/16
switch(config-if)# ip router ospf 201 area 0
switch(config)# copy running-config startup-config
To verify the OSPFv2 configuration, use the following commands:
To display OSPFv2 statistics, use the following commands:
The following example shows how to configure OSPFv2:
Table 6-2 lists the default settings for OSPFv2 parameters.
|
|
---|---|
For additional information related to implementing OSPF, see the following sections:
|
|
---|---|
Cisco Nexus 7000 Series NX-OS Unicast Routing Command Reference |
|
Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 4.x |
|
|
|
---|---|
To locate and download MIBs, go to the following URL: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml |
Table 6-3 lists the release history for this feature.
|
|
|
---|---|---|