OSPF command

Successfully pass the free certification exam at IW Academy and become an Infinet Certified Engineer.

Description

OSPF is the dynamic routing protocol based on channel state tracking technology and uses the Dijkstra algorithm to find a shortest path. The OSPF protocol distributes information about available routes between routers in one network. Basic of a current protocol version are outlined in RFC 2328.

NOTE

In case OSPF traffic is processed by the switch group with SVI interface attached you can only use the IP address assigned to SVI interface to establish neighbor relationships with other devices.
If you have to use the physical interface to establish OSPF neighbor relationships using IP address assigned to Ethernet interface there are two options:

Interface must be added to a switch group with no SVI attached (make sure traffic is not processed by another switch group).
Interface must not be included into any switch group.

Same principles work for other protocols that use broadcast / multicast packets (RIP, DHCP).

The OSPF subsystem has it's own command shell (CS). CS is available only when OSPF daemon is started.

To enter CS use the "ospf" command. Commands in CS are not case-sensitive and can be shortened until ambiguity appears. To get a quick hint you can press "?" at any time.

The command shell has a number of modes:

Basic mode;
OSPF configure;
OSPF config-if;
OSPF config-router;
OSPF config-route-map.

The current mode is displayed along with the command prefix in the form "OSPF(mode)#". Initially, the CS is in the basic mode, which parameters are only for viewing the router current state. In order to switch the configuration mode you should have superuser rights. After entering a configuration mode, the configuration is being blocked and entering in this mode from other terminal (e.g. other telnet session) is prohibited. In order to avoid a "dead" block of the session, CS automatically quits the configuration mode after two minutes of no activity. The "end" command allows to exit any mode.

The transition scheme between different modes of CS:

Figure - The transition scheme between different modes of CS

Commands may have different arguments, which are specified in several formats. Arguments format is described in the context help ("?") or in the list of commands ("help") in the following way:

"A.B.C.D" – IP-address (ex, 192.168.0.15).
"WORD" – a set of characters with no spaces.
"<1-N>" – a decimal number in a range from 1 to N.
"A.B.C.D/M" – a parameter is set in a format IP address/subnet mask length – an integer in range 0...32 (ex. 192.168.0.0/24).
"IFNAME" – name of a physical network interface (ex. eth0).

Hints in the command syntax can also show possibility of using different kind of formats. If an argument can be written in different formats, it will be displayed in round brackets, options are separated by "|" character. Example: "(A.B.C.D|<0-4294967295>)". If an argument is optional, it is put into square brackets: "[]". Any parameter may have "no" prefix, it will remove a corresponding parameter from the configuration.

Syntax:

configure  Configuration
end        End current mode and change to root mode (CTRL+C).
exit       Back to WANFlex command shell (CTRL+D).
help       Print command list
show       Show running system information
    access-list      List IP access lists
    border-routers   show all the ABR's and ASBR's
    database         Database summary
    interface        Interface information
    memory           Memory statistics
    neighbor         Neighbor list
    ospf             OSPF information
    prefix-list      Build a prefix list
    route            OSPF routing table
    running-config   running configuration
    summary-address  OSPF Possible external addresses summarizations
    thread           Thread information
    version          Displays version
OSPF(config)#
  access-list  Add an access list entry
  alias        Set symbolic mode
  clear        Reset functions
  debug        Set debugging print level
  end          End current mode and change to root mode (CTRL+C).
  exit         Back to WANFlex command shell (CTRL+D).
  help         Print command list
  interface    Select an interface to configure
  no           Negate a command or set its defaults
  prefix-list  Build a prefix list
  route-map    Create route-map or enter route-map command mode
  router       Enable a routing process
  show         Show running system information
  stop         stop
OSPF(config-if)#
  authentication       Enable authentication on this interface
  authentication-key   Authentication password (key)
  cost                 Interface cost
  dead-interval        Interval after which a neighbor is declared dead
  description          Interface specific description
  end                  End current mode and change to root mode (CTRL+C).
  exit                 Back to WANFlex command shell (CTRL+D).
  hello-interval       Time between HELLO packets
  help                 Print command list
  message-digest-key   Message digest authentication password (key)
  mtu                  Interface DD mtu
  network              Network type
  no                   Negate a command or set its defaults
  priority             Router priority
  retransmit-interval  Time between retransmitting lost link state advertisements
  show                 Show running system information
  transmit-delay       Link state transmit delay
OSPF(config-router)#
  abr-type               Set OSPF ABR type
  area                   OSPF area parameters
    authentication  Enable authentication
    default-cost    Set the summary-default cost of a NSSA or stub area
    export-list     Set the filter for networks announced to other areas
    filter-list     Filter networks between OSPF areas
    import-list     Set the filter for networks from other areas announced to the specified one
    nssa            Configure OSPF area as nssa
    range           Summarize routes matching address/mask (border routers only)
    shortcut        Configure the area's shortcutting mode
    stub            Configure OSPF area as stub
    virtual-link    Configure a virtual link
  auto-cost              Calculate OSPF interface cost according to bandwidth
  auto-interface         Auto announce mode
  compatible             OSPF compatibility list
  default-information    Control distribution of default information
  default-metric         Set metric of redistributed routes
  distance               Define an administrative distance
  distribute-list        Filter networks in routing updates
  end                    End current mode and change to root mode (CTRL+C).
  exit                   Back to WANFlex command shell (CTRL+D).
  help                   Print command list
  log-adjacency-changes  Log changes in adjacency state
  network                Enable routing on an IP network
  no                     Negate a command or set its defaults
  passive-interface      Suppress routing updates on an interface
  redistribute           Redistribute information from another routing protocol
  refresh                Adjust refresh parameters
  router-id              router-id for the OSPF process
  show                   Show running system information
  summary-address        distribute summary address
  timers                 Adjust routing timers
OSPF(config-route-map)#
  end        End current mode and change to root mode (CTRL+C).
  exit       Back to WANFlex command shell (CTRL+D).
  help       Print command list
  match      Match values from routing table
  no         Negate a command or set its defaults
  on-match   Exit policy on matches
  route-map  Create route-map or enter route-map command mode
  set        Set values in destination routing protocol
  show       Show running system information

Parameters

Parameter	Description
*start*	Starts OSPF daemon.
*help*	Displays the whole command list for the current mode.
*end*	Goes back from the current mode to the basic OSPF mode, keyboard shortcut Ctrl+C can also be used.
*exit*	Exit from OSPF CS, keyboard shortcut Ctrl+D can also be used.
show	Allows to review current running router configuration. "running-config" – shows a current router’s configuration, available in any mode. "neighbor [A.B.C.D] [detail]" – displays the neighbors status. It is possible to specify IP address of a network interface, which state and neighbors list need to be shown. If this parameter is not specified the command shows a summary information for all interfaces. If the "detail" parameter is specified, then neighbors information is output in a detailed form, not just a summary table. For more information about the data displayed in the table, see the "Example" section. "show database" – shows a summary table with a database contents (LSA). The parameter has following arguments: "[asbr-summary\|external\|network\|router\|summary\|nssa-external\|max-age\|self-originate]" – specifies the link advertisement type to review. "[A.B.C.D]" - link destination (in IP address form), which advertisements need to be reviewed. "[adv-router A.B.C.D]" - router id (whole 32-bit number, can be set in the "OSPF config-router" mode), which link advertisements need to be reviewed. "access-list" – displays access lists content. "[(<1-99>\|<100-199>\|<1300-1999>\|<2000-2699>\|WORD)]" - the list identifier, if not specified then a content of all lists is displayed. "prefix-list" – displays prefix-lists content (for more information about the prefix lists configuration see subsection "Filtration objects"). "WORD" – the prefix list identifier, if not specified, then a content of all lists are displayed. "summary" и "detail" – used to output a summary and more detailed data. "route" – displays a routing table. For more information about table content see the "Example" subsection. "interface [INTERFACE]" – displays the information about network interfaces including virtual links states. "[INTERFACE]" - an interface name, if not specified all interfaces information will be shown. "border-routers" – shows a table of paths to area boundary routers. "memory" – a memory statistic. "all", "lib", "ospf" and "rip" – specify values types to be shown. If not specified, data will be displayed for all types, same as the "all" parameter. "ospf" – displays OSPF protocol summary information. "summary-address" – displays a possible aggregate networks list with number of network prefixes that can be replaced by a summary route. “detail” – shows detailed information, can be used as a hint while network planning. "show thread cpu" – shows current cpu load. Filters can be used to display specific data (rwtex). "version" – shows ARDA version.
configure	Allows to enter the "OSPF configure" mode.
OSPF configure mode
alias	Set a symbolic name to a router interface. Aliases are saved after the session end.
debug level N	Adds OSPF debug information to the system log. "N" – possible log levels are from "0" (no information logged) to "255" (the most verbose logging).
interface *IFNAME*	Entering the "config-if" mode. For more information about this mode see the "OSPF config-if mode" subsection. "IFNAME" – an interface to configure.
router	Entering the "config-router" mode. For more information about this mode see the "OSPF config-router mode" subsection.
route-map WORD (deny\|permit) <1-65535>	Allows to create the route-map. The OSPF command shell will be switched to route-map configuration mode. "WORD" – route-map identifier. "deny\|permit" – a record resulting action. "<1-65535>" – record number. Route-map is a conditional records set. Records are viewed in order from first to last. Each record is decribed by following parameters: It number in the map. Resulting action: "deny" – the route is denied, map’s records review is aborted and a resulting object is cancelled (link is not advertised); "permit" – all actions specified in the record are performed for a resulting object. Further, records viewing is stopped or, if specified in the scenario, it is resumed depending on the selected option. Actions to be done with a resulting object in case of its correspondence (assignments of the metric type and / or value to the channel). There are two versions of records review can be set in a scenario: "on-match next"; "on-match goto <N>. For more information about this mode see the "OSPF config-route-map mode" subsection.
stop (daemon\|clear)	Stops the OSPF daemon: "daemon" – stops the OSPF router; "clear" – the router will clear its part of system configuration before quitting OSPF CS.
access-list	Access lists are used in the router's settings as filters, in addition, they are also used to set the matching conditions in the route map configuration. Access lists consist of a set of operators. Each operator consists of an IP addresses range (matching conditions) and resulting action: "deny" or "permit". The IP-addresses range is set as "<value> <mask>". The object to be filtrated has its basic parameter in the same format (IP-address, subnet etc). To make a decision whether the object corresponds with a list, each operator from the list is consequently applied to the object basic parameter until this parameter satisfies the condition. When a right condition is met, the reviewing is stopped, the decision is made according to the record in the operator command. While configuring, the operators are added to the end of the list. Thus, when filtering, the sequence of viewing access list operators is determined only by the sequence of their addition. There are three access lists type in the OSPF router. Standard – is identified in ranges 1-99 and 1300-1999 and is used to evaluate one filtration objects parameter. Extended – is identified in ranges 100-199 and 2000-2699 and is used to evaluate one filtration objects parameter (ex. source IP address and destination IP address). Nominate – is similar to the standard, but is identified by a name. In addition, operators are configured in a "<value>/<mask length>" format. For more information about managing access lists commands see the "Filtration objects" subsection.
prefix-list	Prefixes lists, same as access lists, are used as filters in a router's configuration and works on the same principles, however, they have a number of differences in the operators. First, besides the range and solution each operator can have also a sequential number (1-4294967295), which are used to sort the lists. It allows to manage the operators view sequence when filtering objects. If a sequential number is not specified the router sets it up automatically by adding 5 to the number of the last operator in a list. Thus, the operator will have the biggest number and will be placed in the end of the list. Secondly, the length mask can be used as the filtering condition. "ge <0-32>" – sets the minimum mask length in range 0...32. "le <0-32>" – sets the maximum mask length in range 0...32. "ge <0-32> le <0-32>" – sets the allowed values range. For more information about managing prefix-lists commands see the "Filtration objects" subsection.
clear alias\|prefix-list WORD	Clears the OSPF configuration. "alias" – removes a names list assigned to network interfaces. "prefix-list WORD" – deletes the prefix-list with the "WORD" name.
OSPF config-router mode
router-id	Allows to assign an identifier to this OSPF router. Every OSPF router has a unique identifier. Identifier is a 32-bit integer. If identifier was not set by administrator, the router will automatically assign an identifier which equals to a maximal (by value) IP address from all router's IP addresses participating in OSPF system. NOTE Since it is extremely important for OSPF to have constant Router ID which not change during operation (ex. by adding new or changing / deleting IP addresses), the identifier is assigned from the range of multicast addresses (224.x.x.x prefix) by using the device serial number.
*passive-interface IFNAME*	Allows to manage a routing information updates. Suppresses the routing updates over some interfaces, but allows to exchange updates through other interfaces in normal mode. "IFNAME" – interfaces that will not be used to establish OSPF neighbor relationships or to send out routing updates.
auto-cost reference-bandwidth <1-4294967>	Allows to modify the "reference_bandwidth" value, "<1-4294967>" – Mbit/s parameter value in range 1-4294967. Link metric is a cost of traffic delivery through the network interface. OSPF router automatically calculates an internal link cost taking physical interface’s capacity to which link belongs: M = reference_bandwidth/bandwidth: "reference_bandwidth" – default capacity equals 100 Mbit/s, "bandwidth" – a capacity (bandwidth) of a physical network interface to which the link belongs. This metric configuration method is used for all links for which interfaces a specific cost is not set.
network A.B.C.D/M area (A.B.C.D\|<0-4294967295>)	Allows router to advertise an internal link to the system. Internal links are links which destinations are the subnets to which a router is connected directly (using one of its network interfaces) and which are described in OSPF router configuration. In order to advertise an internal link, a subnet should be specified which destination is an advertised link. If none of router’s network interfaces has an IP address from specified subnet, OSPF will not advertise this link although this network will be in configuration (inactive link). When administrator will connect one of the interfaces to this network with the "ifconfig" command, this network will automatically become a OSPF routing member. Using the "no" prefix before this parameter allows to cancel the channel advertisement. "A.B.C.D/M" – the network number is determined by the IP address of the router in this network and the mask length. "A.B.C.D"/"<0-4294967295>" – the OSPF area name, to which the network belongs, can be specified as IP address or in decimal number format. For more information about areas see the "OSPF area" subsection.
*auto-interface IFNAME area (A.B.C.D\|<0-4294967295>)*	Allows to advertise internal links automatically for the selected network interface. It becomes important when interface IP addresses (aliases) are created and deleted automatically, for example, when CPEs are connecting to the BS via radio. "IFNAME" – network interface name (alias), which IP networks will be advertised by OSPF router automatically when appear. "A.B.C.D"/"<0-4294967295>" – the OSPF area name, to which the network belongs, can be specified as IP address or in decimal number format.
redistribute (kernel\|connected\|static\|rip) [metric <0-16777214>] [metric-type (1\|2)] [route-map WORD]	Allows router to advertise external links. Redistributed routes are classified by: Specific protocol: "rip". Type: "kernel" – routes created by the kernel, except for the default route. "connected" – directly connected routes. "static" – static routes. "metric-type (1\|2)" – all links of this type are advertised as external type links with metric type 1 or 2. Information about external links is spread all over OSPF domain (not only in the area). Stub areas are an exception to which the information about external links is advertised as default gateway through the area border router (ABR) of the area. Difference between two metric types that metric type 1 is a metric which is "commensurable" with inner OSPF links. When calculating a metric to the external destination, the full path metric is calculated as a metric sum path of a router which had advertised this link plus the link metric. Thus, a route with the least summary metric will be selected. If external link is advertised with metric type 2 the path is selected which lies through the router which advertised this link with the least metric despite of the fact that internal path to this router is longer (with more cost). However, if two routers advertised an external link and with metric type 2 the preference is given to the path which lies through the router with a shorter internal path. If two different routers advertised two links to the same external destimation but with different metric type, metric type 1 is preferred. If type and/or value of a metric left undefined the router will consider these external links to have a default metric (set by a "default metric" command) and type 2. "metric <0-16777214>" – a link metric value. "route-map WORD" – external routes can also be filtered using the route-map, for more information see "OSPF config-route-map", "WORD" – the route-map identifier.
distribute-list WORD out (kernel\|connected\|static)	Allows to define criteria a router will use to advertise the link according with access-list filter. "WORD"* –* the access list identifier to which the destination of the system routing table record must match.
default-metric <0-16777214>	Allows to set the default metric value for all external channels. If default metric is not defined, it equals 1.
default-information originate [always] [metric-type (1\|2)] [metric <0-16777214>] [route-map WORD]	By default, in the "redistribute kernel" mode the router will not make an advertisement into OSPF system about having as a link to default gateway, even if it is clearly written in the routing table by the administrator. This parameter allows the default route advertisement. "metric-type (1\|2)" – metric type. "metric <0-16777214>" – link metric value. "route-map WORD" – filtration using the route-map. "always" – the router will always advertise the link to "default route", even if there is no such route in the system table.
summary-address A.B.C.D/M [metric-type (1\|2)] [metric <0-16777214>]	Sets a summary address for the external routes that are injected into the OSPF domain by "redistribute” command. "A.B.C.D/M" – the summary route identifier. In case there is one or more external routes having network prefixes totally covered by such network then only the summary route for the A.B.C.D/M network will be announced but not the external routes. The accurate address space management and using of this parameter allows to significantly reduce the external network prefixes number in the OSPF domain. "metric-type (1\|2)" – link metric type. "metric <0-16777214>" – link metric value.
refresh timer <10-1800>	The router automatically updates link-state information with its neighbors. Only an obsolete information is updated which age has exceeded a specific threshold. This parameter changes a threshold value, which by default is 1800 seconds (half an hour). The value is applied to the whole OSPF router. <10-1800> – threshold in seconds.
log-adjacency-changes [detail]	Enables to log changes in the adjacency state. "detail" – logging every step neighboring routers take to establish the adjacency state.
compatible rfc1583	Sets the RFC 1583 standard compliance mode.
distance (intra-area\|inter-area\|external) <1-255>	Sets an administrative distance value in range 1...255 for following route types: "intra-area" - routes inside a current area. "inter-area" - routes to another area. "external" - external routes.
OSPF areas
area (A.B.C.D\|<0-4294967295>) shortcut (default\|enable\|disable)	OSPF protocol has an ability to join adjacent networks and hosts into special groups. This group along with a router that has a link to one (any) of the networks included into the group is called an area. In each area an independent copy of OSPF is functioning. That means that each area has its own database and a corresponding graph. A router that is configured to advertise only internal links is called an internal router. A router connected to networks in more than one area is called an area border router (ABR). A router that advertises its link to external destinations ("redistribute" command) is called AS Boundary Router (ASBR). Each area is assigned a unique identifier area-id. An area with area-id equal to zero is called a backbone of OSPF system. OSPF backbone area always includes all ABR. Backbone area is responsible for routing information distribution between other (non-backbone) areas. Backbone area should be contiguous but it does not always imply a physical adjacency – backbone connections can be organized using virtual connections. This parameter allows to "shortcut" routes (non-backbone) for inter-area routes. There are three modes available for routes shortcutting: "default" – this area will be used for shortcutting only if ABR does not have a link to the backbone area or this link was lost. "enable" – the area will be used for shortcutting every time the route that goes through it is cheaper. "disable" – this area is never used by ABR for routes shortcutting.
area (A.B.C.D\|<0-4294967295>) stub [no-summary]	This parameter allows to configure a stub area. Some areas may be defined as stub areas. It is used for an area which has either a single ABR or several ABR but route selection does not depend on external destination address. The information about external link (to OSPF system) is not sent to stub areas by ABR. Instead, ABR advertises a default gateway to the stub area with a route coming through this ABR. "no-summary" – can be specified if it is not necessary to advertise a summary routes of other area’s to this area. This can save the internal routers database resources in this area. Keep in mind, all area routers should have same settings of this parameter, otherwise they will not be able to establish the adjacency relations, which will be discussed below.
area (A.B.C.D\|<0-4294967295>) nssa [translate-always\|translate-candidate\|translate-never\|no-redistribution\|suppress-fa] [no-summary]	Allows to set the OSPF area as not-so-stubby area (NSSA). Such area retains advantages of stub area, and allows external routes advertisement. Routers within this area exchange LSA-7 type packets, which the ABR will retransmit to other areas. "translate-always" – all incoming packets are retransmitted. "translate-candidate" – assigns the ABR, which will make for retransmittion. "translate-never" – no incoming packets are retransmitted. "no-redistribution" – LSA-7 packets are not retransmitted to NSSA. "no-summary" – disable summary link advertising from different areas. "suppress-fa" – forbids adding next hop IP-address into message, to avoid accessing the next node bypassing this router.
area (A.B.C.D\|<0-4294967295>) default-cost <0-16777215>	Sets summary links default metric for stub and NSSA areas.
area (A.B.C.D\|<0-4294967295>) virtual-link A.B.C.D	Provides a backbone area coherence by virtual link establishment. In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized. "(A.B.C.D\|<0-4294967295>)" – area identifier through which a virtual link goes. "A.B.C.D" – ABR router-id with which a virtual link is established. Virtual link must be configured on both routers. Formally, a virtual link looks like a point-to-point network connecting two ABR from one area one of which physically connected to a backbone area. This pseudo-network is considered to belong to a backbone area.
area (A.B.C.D\|<0-4294967295>) {[export-list\|import-list] NAME} {[filter-list prefix] WORD (in\|out)}	Provides link information filtering for the area. If the filter conditions match, the information will be discarded. "export-list\|import-list" – summary information about area’s links which is advertised by ABR through backbone to other area (export) can be filtered. Moreover, the information from ABR (that came from other areas) can also be filtered (import). "NAME" – name of a filtering list (access-list). "filter-list prefix" – filtering can be also provided using "prefix-list". Filters can be applied to any area to which ABR is connected, except for the backbone. "(in\|out)" – filtering direction ("in" – import, "out" – export). "WORD" – filtering prefix-list name.
area (A.B.C.D\|<0-4294967295>) range A.B.C.D/M [not-advertise] [cost <0-16777215>] substitute A.B.C.D/M	Allows you to configure the link aggregation and announcements suppression. For every area to which OSPF router is connected there is a list of address ranges for link aggregation before sending a summary LSA to a backbone area. Aggregated links are checked to belong to one of the address ranges. If several links belong to one address range, ABR makes an advertisement to the backbone (or to other areas) of only one single link with destination equal to the address range and a metric equal to the maximal metric of all links or equal to the specified for this range value. It is possible to announce that some range is a blocking one, and then advertising of links which belong to this range will be blocked. When advertising an aggregated backbone link to other (non-backbone) areas, the aggregation will not be performed if the area to which backbone links are advertised is a transit area (it has virtual links). The list of addresses ranges for the area consists of the records with following fields: "range* A.B.C.D/M"* – addresses range (R); "not-advertise" – advertisement suppression flag; "cost <0-16777215>" – aggregated link metric (C); "substitute A.B.C.D/M" – advertised link (Rs). If non-advertise flag is not specified, C and Rs parameters can be configured. If a destination for one or more links belongs to R, the router will advertise one link with R destination (or Rs, if specified) and with metric that is a maximal metric of links (or C, if specified).
area (A.B.C.D\|<0-4294967295>) authentication [message-digest]	Authentication type can be specified for the whole area to which a network belongs, and to a link by which OSPF packets are received. If authentication is turned on for both interface and the area, the interface authentication type will be used. So if an interface has a "null" authentication type, then no authentication is performed. This parameter sets the authentication type for the whole area to which network and link belong. "message-digest" – sets the MD5 authentication type, if not specified, simple password authentication will be enabled for the area. As was mentioned before, area authentication type is applied only if interface’s authentication was totally disabled.
area (A.B.C.D\|<0-4294967295>) virtual-link A.B.C.D {authentication-key AUTH_KEY\|message-digest-key <1-255> md5 KEY}	Allows to configure virtual links authentication. "A.B.C.D/<0-4294967295>" – area identifier through which a virtual link goes. "A.B.C.D" – ABR router-id with which a virtual link is established. "authentication-key AUTH_KEY" – sets simple password authentication. "AUTH_KEY" – password. "message-digest-key <1-255> md5 KEY" – sets MD5 digest key authentication. "KEY" – private MD5 key. "<1-255>" – private key sequence number. So, up to 255 private keys can be set for this channel or interface. The router will use the last installed key to transmit packets. When receiving packets, the router will use the key with the same sequence number used by the transmitting side.
area (A.B.C.D\|<0-4294967295>) virtual-link A.B.C.D (hello-interval\|retransmit-interval\|transmit-delay\|dead-interval) <1-65535>	Establishes neighboring relationship between two routers when virtual links are used. "A.B.C.D/<0-4294967295>" – area identifier through which a virtual link goes. "A.B.C.D" – ABR router-id with which a virtual link is established. "(hello-interval\|retransmit-interval\|transmit-delay\|dead-interval)" – set interval values, for more information see "Config-if mode" subsection. "<1-65535>" – interval value in seconds.
abr-type (cisco\|ibm\|shortcut\|standard)	Selects ABR model. OSPF router supports four ABR models: "cisco" – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). "ibm" – identical to "cisco" model but in this case a backbone area link may not be active. "standard" – router has several active links to different areas. "shortcut" – identical to "standard" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections. Detailed information about "cisco" and "ibm" models differences can be found in RFC 3509. A "shortcut" model allows ABR to create routes between areas based on the topology of the areas connected to this router but not using a backbone area in case if non-backbone route will be "cheaper". For more information about "shortcut" model, see ospf-shortcut-abr-02.txt
Config-if mode
authentication-key AUTH_KEY [A.B.C.D]	In order to prevent an unauthorized connection of routers to OSPF system, the system has an identity check for protocol’s packets. This parameter allows to set simple password authentication. Authentication can be configured individually for each interface’s link (or for the interface including virtual link) and/or individually for every area to which the router is connected. By default authentication is disabled. "AUTH_KEY" – key. "[A.B.C.D]" – link identifier (in IP address form), to configure selected channel authentication.
message-digest-key <1-255> md5 KEY [A.B.C.D]	Allows to set digest key authentication. "KEY" – private MD5 key. "[A.B.C.D]" – link identifier, to configure selected channel authentication. "<1-255>" – private key sequence number. So, up to 255 private keys can be set for this channel or interface. The router will use the last installed key to transmit packets. When receiving packets, the router will use the key with the same sequence number used by the transmitting side.
authentication (null\|message-digest) A.B.C.D	Allows to enable one or another authentication mode after setting its parameters. "null" – no authentication (obligatory authentication suppression), if not set, simple password authentication is turned on. "message-digest" – digest key authentication. "A.B.C.D" – interface link IP address.
dead-interval <1-65535> [A.B.C.D] hello-interval <1-65535> [A.B.C.D]	When two or more routers have links to the same network these routers become neighbors in order to synchronize their Link-State Database. Moreover, a network with more than one router connected to it is a transit network; and, if this network is not point-to-point network, it is an active OSPF object (it can advertise its links to the routers). A special designated router makes an LSA. A designated router is selected from a number of active OSPF routers connected to the network based on their priorities, identifiers and IP addresses of network interfaces by means of which they are connected to the network. The router uses special protocols which parameters should be identical for neighbors. These parameters are: "hello-interval" – an interval of sending "hello-packets" and "dead-interval" – the time interval during which from a neighbor at least one "hello-packet" must be received, after this time, the neighboring router is excluded from the list of neighbors. By default, "hello-interval" is 10 seconds, "dead-interval" is 40 seconds. These parameters allow to specify a different value for these parameters for any network interface. "<1-65535>" – sets time interval in seconds. "[A.B.C.D]" – link identifier, if you need to configure this particular link (optional parameter). If this IP address is not specified, the parameter will be applied to the network interface. Note that in order to creating adjacency relationship between two routers these parameters should be equal.
priority <0-255> [A.B.C.D]	Allows to set up router’s priority for the interface. One of routers connected to the network is automatically selected to be a designated router (DR) judging by three parameters. If a link priority is specified for the router it acts as a major criterion for DR selection. If priority is not set, only router-id and IP address affect the selection. "<0-255>" – priority value. The higher the priority value, the more likely this router will become the DR for this network. If the priority is zero, the router will never be selected as DR. "[A.B.C.D]" – link identifier, same as previous parameters, priority can be set individually for each link on the interface, and for the whole interface (if not specified).
retransmit-interval <3-65535> [A.B.C.D]	Allows to control retransmits periodicity for each interface and/or interface’s links. OSPF protocol requires that Link-State databases of one area routers should be identical. To do that routers exchange LSA information. In particular, transit networks are used. In order to minimize network traffic, routers exchange their LSA not directly with each other but using DR and Backup DR (BDR). BDR is used for backing up DR in case of DR failure. BDR selection rules are identical to DR selection rules. While Link-state database synchronization routers exchange database descriptions using master-slave relationship and broadcast IP packets. Each packet reception should be acknowledged. If acknowledge is not received, initiating party makes a series of retransmits. "<3-65535>" – retransmits interval in seconds. "[A.B.C.D]" – link identifier.
transmit-delay <1-65535> [A.B.C.D]	Allows to set and adjust for each interface the delay interval before starting the synchronizing process of the router's database with all neighbors. "<3-65535>" – delay value in seconds. "[A.B.C.D]" – link identifier.
cost <1-65535> [A.B.C.D]	Sets links metric (cost) of the interface. <1-65535> – metric value. "[A.B.C.D]" – subnetwork interface IP address (link destination). If not specified, for any link related to this physical interface the specified cost (metric) will be set.
network	Allows to specify the distribution type for the network connected to this interface: "broadcast" – broadcast IP addresses distribution. "mesh" – address distribution in mesh networks topology. "point-to-multipoint" – address distribution in point-to-multipoint networks. "point-to-point" – address distribution in point-to-point networks.
description	Adds interface description.
mtu <40-65535>	Sets MTU value.
OSPF config-route-map mode
match address[(<1-199>\|<1300-2699>\|WORD)]\|prefix-list WORD]\|interface WORD\|next-hop[(<1-199>\|<1300-2699>\|WORD)\|prefix-list WORD]	Sets matching conditions for the imported route. For each record several conditions can be set. If several conditions are specified they are applied according to the "and" rule. "address" – destination address matching, the condition will be fulfilled if the corresponding route parameter belongs to the specified filter list. Following filter lists can be specified: "<1-199>\|<1300-2699>\|WORD" – access list name; "prefix-list WORD" – prefix-list name. "interface WORD" – matching of the network interface to which the route belongs, "WORD" – interface name. "next-hop" – next hop IP-address matching, filter lists are specified same way as for destination address matching.
set metric <0-4294967295>\|metric-type (type-1\|type-2)	Sets link metric value and/or type, if the route matches all conditions. "metric <0-4294967295>" – metric value in range 0...4294967295. "metric-type (type-1\|type-2)" – metic type for the imported route.
on-match (goto <1-65535>)\|next	Sets behavior scenario, if the route matches all conditions. "on-match next" – reviewing continues from the next record to the current one; "on-match goto <N>" – reviewing continues from the record with "N" number, it can never be before the current one.

Filtration objects

Access lists

The following "config" mode parameters are used to create or modify access lists for an OSPF router.

Standard list:

access-list (<1-99>|<1300-1999>) (deny|permit) A.B.C.D A.B.C.D

"(<1-99>|<1300-1999>)" – list identifier.
"(deny|permit)" – resulting action.
"A.B.C.D A.B.C.D" – IP address range in "<value> <mask>" form.

This parameter creates an operator in a standard access list. Value and mask define a range (criteria) for the operator. The mask defines those bits of the value which form the range. For example, in order to specify the range of IP address from 192.168.12.0 to 192.168.255, the "192.168.12.0" value and the "0.0.0.255" mask should be specified. For value and mask of 0.0.0.0 255.255.255.255 there is a key word "any". Commands below are equal.

OSPF(config)# access-list 1 permit 0.0.0.0 255.255.255.255
OSPF(config)# access-list 1 permit any

For the range which consists of only one address, the key word "host" is used. Commands below are equal.

OSPF(config)# access-list 1 permit 192.168.12.150 0.0.0.0
OSPF(config)# access-list 1 permit host 192.168.12.150

Extended list:

access-list (<100-199>|<2000-2699>) (deny|permit) ip A.B.C.D A.B.C.D A.B.C.D A.B.C.D

"(<100-199>|<2000-2699>)" – list identifier.
"(deny|permit)" – resulting action.
"A.B.C.D A.B.C.D" – source IP address range.
"A.B.C.D A.B.C.D" – destination IP address range.

Nominate list:

access-list WORD (deny|permit) A.B.C.D/M exact-match

"WORD" – list identifier.
"(deny|permit)" – resulting action.
"A.B.C.D/M" – IP address range.
"exact-match" – is used for the exact match of a parameter to the range.

Prefix-lists

prefix-list WORD seq <1-4294967295> (deny|permit) A.B.C.D/M ge <0-32> le <0-32>

"WORD" – list identifier.
"seq <1-4294967295>" – sequential number.
"(deny|permit)" – resulting action.
"A.B.C.D/M" – IP address range.
"exact-match" – is used for the exact match of a parameter to the range.
"ge <0-32> le <0-32>" – allowed mask values range.

Examples

Assigne the "192.168.103.36" router id in the OSPF(config-router) mode.

OSPF(config-router)# router-id 192.168.103.36

Cancel the assignment using the "no" prefix.

no router-id

In the "TestList1" nominate list, set deny action for the 192.168.12.0...192.168.12.255 IP-address range, the "192.168.12.0/24" value should be entered. Also add the decision to accept packets from all other addresses.

OSPF(config)# access-list TestList1 deny 192.168.12.0/24
OSPF(config)# access-list TestList1 permit any

Enable advertisement an internal link to the "192.168.103.37/24" network which located in a backbone area. There are two ways how to solve this task.

OSPF(config-router)# network 192.168.103.37/24 area 0.0.0.1
OSPF(config-router)# network 192.168.103.37/24 area 1

Display the neighbour state information.

OSPF> show neighbor
Neighbor ID     Pri   State           Dead Time   Address         Interface      RXmtL RqstL DBsmL
224.3.94.78       1   Full/Backup     00:00:26    192.168.103.36  svi1:192.168.1

The table contains following data:

"Neighbor ID" – neighbor router ID;
"Pri" – priority;
"State" – current state/status. Following states are possible:
- - "Init" – a "Hello-packet" was recently received from a neighbor, a two-way connection is not yet established;
  - "2-Way" – a two-way connection is established between two routers, an adjacency relationship is initiated;
  - "ExStart" – the first step in adjacency relationship establishing, sets up master/slave relations;
  - "Exchange" – a router is sending it's link-state database to the neighbor;
  - "Loading" – link-state database synchronization, i.e. a router requests the neighbor for new information;
  - "Full" – neighboring relationship is established and list-state database is synchronized.
- Current status may have following values:
  - "DR" – the router is selected to be a designated router;
  - "Backup" – the router is selected as a backup designated router;
  - "DROther" – the router is neither DR nor BDR.
"Dead Time" – the time left for neighbor acknowledgement packet;
"Address" – neighbor’s IP address;
"Interface" – interface (link) through which information with neighbor is exchanged;
"RXmtL" – retransmit LSA quantity;
"RqstL" – transmit LSA quantity;
"DBsmL" – transmit LSA summary quantity.

Display database for links which were announced by transit network, and the advertising router was "192.168.45.107".

OSPF> show database network adv-router 192.168.45.107
       OSPF Router with ID (192.168.151.10)
                Net Link States (Area 0.0.0.0)
                Net Link States (Area 0.0.0.1)
  LS age: 473
  Options: 0x2  : *|-|-|-|-|-|E|*
  LS Flags: 0x6
  LS Type: network-LSA
  Link State ID: 192.168.15.1 (address of Designated Router)
  Advertising Router: 192.168.45.107
  LS Seq Number: 80000001
  Checksum: 0x9148
  Length: 32
  Network Mask: /24
        Attached Router: 192.168.45.107
        Attached Router: 192.168.151.1
                Net Link States (Area 0.0.0.2)

Display a routing table by using "show route" command.

OSPF> show route
============ OSPF network routing table ============
N IA 1.1.1.1/32            [3] area: 0.0.0.1
                           via 192.168.15.1, eth0
N IA 1.1.1.2/32            [2] area: 0.0.0.1
                           via 192.168.15.1, eth0
N    4.7.8.0/24            [2] area: 0.0.0.1
                           via 192.168.15.1, eth0
N IA 9.1.1.0/24            [12] area: 0.0.0.1
                           via 192.168.15.1, eth0
N IA 192.168.0.0/24        [3] area: 0.0.0.1
                           via 192.168.15.1, eth0
N    192.168.15.0/24       [1] area: 0.0.0.1
                           directly attached to eth0
N IA 192.168.80.0/24       [12] area: 0.0.0.1
                           via 192.168.15.1, eth0
N    192.168.151.0/24      [1] area: 0.0.0.1
                           directly attached to eth0
N IA 192.168.152.0/24      [2] area: 0.0.0.1
                           via 192.168.151.10, eth0
N IA 195.38.45.64/26       [2] area: 0.0.0.1
                           via 192.168.15.1, eth0
============ OSPF router routing table =============
R    192.168.151.10        [1] area: 0.0.0.1, ABR, ASBR
                           via 192.168.151.10, eth0
R    195.38.45.107         [1] area: 0.0.0.1, ABR
                           via 192.168.15.1, eth0


============ OSPF external routing table ===========
N E2 192.168.200.0/24      [1/7] tag: 0
                           via 192.168.151.10, eth0

The table consists of following data:

OSPF network routing table – includes a list of acquired routers for all accessible networks (or aggregated area ranges) of OSPF system. "IA" flag means that route destination is in the area to which the router is not connected, i.e. it’s an inter-area path. In square brackets a summary metric for all links through which a path lies to this network is specified. "via" prefix defines a router-gateway, i.e. the first router on the way to the destination (next hop).
OSPF router routing table.
OSPF external routing table. "E" flag points to the external link metric type (E1 – metric type 1, E2 – metric type 2). External link metric is printed in the "<metric of the router which advertised the link>/<link metric>" format.

In the following configuration, the router advertises external links created from the system routing table "connected" routes with metric type 2. If a destination for this route is a "192.168.103.37/24" subnetwork, the formed link will have metric 7, any other destination will not lead to external link’s advertising it.

OSPF(config)# access-list ANYNET permit any
OSPF(config)# access-list net200 permit 192.168.103.37/24
OSPF(config)# route-map MAP permit 10
OSPF(config-route-map)# match address net200
OSPF(config-route-map)# set metric 7
OSPF(config-route-map)# route-map MAP deny 11
OSPF(config-route-map)# match address ANYNET
OSPF(config-route-map)# router
OSPF(config-router)# redistribute connected route-map MAP

Page tree

Description

Parameters

OSPF configure mode

OSPF config-router mode

Config-if mode

OSPF config-route-map mode

Filtration objects

Examples