Configure IPv4 Routing with OSPF

If you enable OSPF for a FireCluster, you must set the router-id in the OSPF configuration to the interface IP address used by the cluster. This is to make sure that the routing protocol does not try to use the FireCluster management IP address as the router-id. Do not use the FireCluster management IP address or cluster IP address as the router-id. To set the router-id, use the command ospf router-id <ip-address> in your OSPF configuration.

If your Firebox has multi-WAN enabled, you can configure a loopback interface, and use the IP address of the loopback interface instead of the IP address of the physical interfaces in the dynamic routing configuration. For more information, see Configure a Loopback Interface.

When you enable OSPF, a dynamic routing policy called DR-OSPF-Allow is automatically created. You can edit this policy to add authentication and restrict the policy to listen on only the correct interfaces. The DR-OSPF-Allow policy is configured to allow OSPF multicasts to the reserved multicast addresses for OSPF.

After you configure the Firebox and the OSPF router, you can look at the routes table to verify that the Firebox has received route updates from the OSPF router.

To see the dynamic routes, from Firebox System Manager select the Status Report tab.

To see dynamic routes, from Fireware Web UI select System Status > Routes.

See Also

About Open Shortest Path First (OSPF and OSPFv3) Protocol

OSPF Commands

Give Us Feedback     Get Support     All Product Documentation     Technical Search