To create or modify a BGP routing configuration file, you must use the correct routing commands. This topic includes a list of Quagga commands. Quagga is the routing daemon in Fireware versions lower than 12.9.
For a sample routing configuration file, see Sample OSPF Routing Configuration File (Quagga).
To configure OSPF, see Configure IPv4 Routing with OSPF.
In Fireware v12.9 or higher, Fireware uses the Free Range Routing (FRR) engine. If your configuration includes Quagga commands for dynamic routing, those commands work after you upgrade to Fireware v12.9. For a list of FRR commands, see OSPF Commands (FRR).
Example OSPF Commands (Quagga in Fireware v12.8.x or Lower)
This list includes example Quagga commands that you might include in your BGP configuration. For a complete list of Quagga commands, see Quagga Routing Suite Documentation.
The sections must appear in the configuration file in the same order they appear in this table.
|interface eth[N]||Begin section to set properties for interface|
|ip ospf authentication-key [PASSWORD]||Set OSPF authentication password that is 1 to 8 characters in length. If you specify a password that includes 9 or more characters, the password is truncated to 8 characters.|
|ip ospf message-digest-key [KEY-ID] md5 [KEY]||Set MD5 authentication key ID and key|
|ip ospf cost [1-65535]||Set link cost for the interface (see the OSPF Interface Cost Table)|
|ip ospf hello-interval [1-65535]||Set interval to send hello packets; default is 10 seconds|
|ip ospf dead-interval [1-65535]||Set interval after last hello from a neighbor before declaring it down; default is 40 seconds|
|ip ospf retransmit-interval [1-65535]||Set interval between link-state advertisements (LSA) retransmissions; default is 5 seconds|
|ip ospf transmit-delay [1-3600]||Set time required to send LSA update; default is 1 second|
|ip ospf priority [0-255]||Set route priority; high value increases eligibility to become the designated router (DR)|
|Configure OSPF Routing Daemon|
|Enable OSPF daemon|
|ospf router-id [A.B.C.D]||Set router ID for OSPF manually; router determines its own ID if not set|
|ospf rfc1583compatibility||Enable RFC 1583 compatibility (can lead to route loops)|
|ospf abr-type [cisco|ibm|shortcut|standard]||More information about this command can be found in draft-ietf-abr-o5.txt|
|passive-interface eth[N]||Disable OSPF announcement on interface eth[N]|
|auto-cost reference-bandwidth[0-429495]||Set global cost (see the OSPF Interface Cost Table); do not use with the ip ospf [COST] command|
|timers spf [0-4294967295][0-4294967295]||Set OSPF schedule delay and hold time|
|Enable OSPF on a Network|
|*The area variable can be typed in two formats: [W.X.Y.Z]; or as an integer [Z].|
|network [A.B.C.D/M] area [Z]||
Announce OSPF on network
A.B.C.D/M for area 0.0.0.Z
|Configure Properties for Backbone area or Other Areas|
|The area variable can be typed in two formats: [W.X.Y.Z]; or as an integer [Z].|
|area [Z] range [A.B.C.D/M]||Create area 0.0.0.Z and set a classful network for the area (range and interface network and mask setting should match)|
|area [Z] virtual-link [W.X.Y.Z]||Set virtual link neighbor for area 0.0.0.Z|
|area [Z] stub||Set area 0.0.0.Z as a stub|
|area [Z] stub no-summary|
|area [Z] authentication||Enable simple password authentication for area 0.0.0.Z|
|area [Z] authentication message-digest||Enable MD5 authentication for area 0.0.0.Z|
|Redistribute OSPF Routes|
Share route of last resort (default route) with OSPF
In Fireware v12.5.6 or higher, if the OSPF configuration on your Firebox includes this command, and if Link Monitor detects a link failure for all WAN connections, OSPF does not announce the default route to neighbors.
|default-information originate metric [0-16777214]||Share route of last resort (default route) with OSPF, and add a metric used to generate the default route|
|default-information originate always||Always share the route of last resort (default route)|
|default-information originate always metric [0-16777214]||Always share the route of last resort (default route), and add a metric used to generate the default route|
|redistribute static||Redistribute firewall static routes to OSPF|
|redistribute connected||Redistribute routes from all interfaces to OSPF, and includes virtual IP address pools for Mobile VPN with SSL|
|Configure Route Redistribution with Access Lists and Route Maps|
|access-list [LISTNAME] permit [A.B.C.D/M]||Create an access list to allow distribution of A.B.C.D/M|
|access-lists [LISTNAME] deny any||Restrict distribution of any route map not specified above|
|route-map [MAPNAME] permit [N]||Create a route map with name [MAPNAME] and allow with a priority of [N]|
|match ip address [LISTNAME]||