OSPF extended configuration (authentication, passive interface, faster convergence, default route)

Others 2021-03-22 06:22:33 views: null

OSPF extended configuration

Certification

(1) Interface certification

The identity authentication between neighbors can be configured on the interface connected to the neighbor (there are plain text authentication and cipher text authentication).

Specific placement

①Plain text authentication method

[huawei] int g0/0/1

[huawei-GigabitEthernet0/0/1] ospf authentication-mode simple 123

②Ciphertext authentication method

[huawei] int g0/0/1

[huawei-GigabitEthernet0/0/1] ospf authentication-mode md5 1 cipher 123 //Specify the encryption algorithm type and KEY number, and add cipher to make the password display garbled when viewed by the display command

(2) Regional certification

Identity authentication between areas, after the configuration is complete, all interfaces belonging to the existing authentication area are authenticated based on this key (there are also two authentication methods, plaintext and ciphertext).

Specific placement

[huawei] ospf 1

[huawei-ospf-1] area 0

[huawei-ospf-1-area-0.0.0.0] authentication-mode md5 1 cipher 123

(3) Virtual link authentication

Establish authentication on the virtual link.

Specific placement

[huawei] ospf 1

[huawei-ospf-1] area 1

[huawei-ospf-1-area-0.0.0.1] vlink-peer 2.2.2.2 md5 1 cipher 123

Passive interface (silent interface)

In an OSPF area, the devices between the areas will periodically send routing update information, but the PC terminal does not need to receive this information, and this information also occupies a certain amount of bandwidth. Therefore, it can be set for the router interface connected to the PC. It is a passive interface, so that the interface does not send or receive OSPF packets.

Specific placement

[huawei] ospf 1

[huawei-ospf-1] slient-interface GigabitEthernet 0/0/1 // Silence the interface connected to the PC

Speed ​​up convergence

Modify the timer, the default Hello time is 10s or 30s (in the MA network type), and the Dead time is four times the Hello time. Modify the Hello time on the local end, and the Dead time will automatically match the fourfold relationship. It must be exactly the same as the Hello time and Dead time parameters on the opposite end. Otherwise, the neighbor relationship cannot be established. It is not advisable to make the modification too small (10s is enough).

Specific placement

[huawei] int g0/0/1

[huawei-GigabitEthernet0/0/1] ospf timer hello 8 //Change the Hello time to 8s, and pay attention to maintaining consistency between neighbors

Default route

(1) Three types of default

When a special area is configured, after a non-backbone area is configured as a peripheral, complete peripheral, and complete NSSA area, the ABR that connects the backbone area to the area will deliver the default to the area.

(2) Five types of default

On the border router (ASBR), the default route is first generated statically or dynamically, and then the device's routing table and the default can be sent to the internal.

Specific placement

[huawei] ospf 1

[huawei-ospf-1] default-route-advertise //Re-advertise the default route generated by other methods in the local routing table to OSPF and deliver the default. This default is Type 2

[huawei-ospf-1] default-route-advertise always //If there is no default in the local routing table, you can still force a default to be delivered

Two routing types

Type 1: Display the total cost value, that is, the cost value on the superimposed path.

Type 2: Only the initial cost value is displayed, that is, the cost value will not be superimposed (only the upper display does not affect the actual route selection).

Note: By default, all Type 5 LSAs are delivered based on Type2. The actual route selection does not pay attention to the route type. The initial cost value is compared first, and the total metric value is compared when the seed metric value is the same. Both are small and excellent.

Modify the specific configuration of the routing type

[huawei] ospf 1

[huawei-ospf-1] default-route-advertise type 1 cost 10 //Modify the route type to Type 2 and the starting cost value

(3) Seven types of default

In a common NSSA area, the ABR in the area connected to the backbone area delivers seven types of defaults to the area.

Manually deliver seven types of default specific configurations (not commonly used)

[huawei]ospf 1

[huawei-ospf-1]area 1

[huawei-ospf-1-area-0.0.0.1] nssa default-route-advertise //Decentralized seven categories are Type 2 by default, and cost is 1.

Default route priority

The interior is better than the exterior, and Type1 is better than Type2.

Guess you like

Origin blog.csdn.net/FLY_7_/article/details/114852731
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com