To create or modify a routing configuration file, you must use the correct routing commands. This topic includes a list of example OSPF routing commands.
In Fireware v12.9 or higher, Fireware uses the Free Range Routing (FRR) routing engine, which replaces Quagga. If your configuration includes Quagga commands for dynamic routing, those commands work after you upgrade. Some FRR commands appear in a different section than in Quagga.
For OSPF code samples, go to Sample OSPF Routing Configuration File (FRR).
To configure OSPF, go to Configure IPv4 Routing with OSPF.
Fireware v12.8.x or lower uses the Quagga routing software suite. For a list of example Quagga commands, go to OSPF Commands (Quagga).
Example OSPF Commands (FRR in Fireware v12.9 or Higher)
This list includes example FRR commands that you might include in your OSPF configuration. For a complete list of FRR commands, go to the FRRouting User Guide.
The sections must appear in the configuration file in the same order they appear in this table.
| Section | Command | Description |
|---|---|---|
|
Configure Interface |
||
| interface eth[N] | Begin section to set properties for interface | |
| ip ospf authentication-key [PASSWORD] | Set an OSPF authentication password that is 1 to 8 characters in length. If you specify a password that includes 9 or more characters, the password is truncated to 8 characters. | |
| ip ospf bfd | Set bidirectional forwarding (BFD) to detect faults between two routers or switches connected by a link (go to Bidirectional Forwarding) | |
|
ip ospf message-digest-key [KEY-ID] md5 [KEY] |
Set MD5 authentication key ID and key | |
| ip ospf cost [1-65535] | Set link cost for the interface (go to the OSPF Interface Cost Table) | |
| ip ospf hello-interval [1-65535] | Set interval to send hello packets; default is 10 seconds | |
| ip ospf dead-interval [1-65535] | Set interval after last hello from a neighbor before declaring it down; default is 40 seconds | |
| ip ospf retransmit-interval [1-65535] | Set interval between link-state advertisements (LSA) retransmissions; default is 5 seconds | |
| ip ospf transmit-delay [1-3600] | Set time required to send LSA update; default is 1 second | |
| ip ospf priority [0-255] | Set route priority; high value increases eligibility to become the designated router (DR) | |
| Configure OSPF Routing Daemon, Enable OSPF on a Network, and Configure Properties for Backbone Area or Other Areas | ||
|
router ospf |
Enable OSPF daemon | |
| ospf router-id [A.B.C.D] | Set router ID for OSPF manually; router determines its own ID if not set | |
| ospf rfc1583compatibility | Enable RFC 1583 compatibility (can lead to route loops) | |
| redistribute connected | Redistribute routes from all interfaces to OSPF; includes virtual IP address pools for Mobile VPN with SSL | |
|
redistribute static |
Redistribute firewall static routes to OSPF | |
| network [A.B.C.D/M] area [Z] |
Announce OSPF on network A.B.C.D/M for area 0.0.0.Z The area variable can be typed in two formats: [W.X.Y.Z]; or as an integer [Z] |
|
| area [Z] range [A.B.C.D/M] |
Create area 0.0.0.Z and set a classful network for the area (range and interface network and mask setting should match) The area variable can be typed in two formats: [W.X.Y.Z]; or as an integer [Z] |
|
| area [Z] virtual-link [W.X.Y.Z] | Set virtual link neighbor for area 0.0.0.Z | |
| area [Z] stub | Set area 0.0.0.Z as a stub | |
| area [Z] stub no-summary | ||
| area [Z] authentication | Enable simple password authentication for area 0.0.0.Z | |
| area [Z] authentication message-digest | Enable MD5 authentication for area 0.0.0.Z | |
| default-information originate |
Share route of last resort (default route) with OSPF If the OSPF configuration on your Firebox includes this command, and if Link Monitor detects a link failure for all WAN connections, OSPF does not announce the default route to neighbors. |
|
| default-information originate metric [0-16777214] | Share route of last resort (default route) with OSPF and add a metric used to generate the default route | |
| default-information originate always | Always share the route of last resort (default route) | |
| default-information originate always metric [0-16777214] | Always share the route of last resort (default route) and add a metric used to generate the default route | |
| ospf abr-type [cisco|ibm|shortcut|standard] | More information about this command can be found in draft-ietf-abr-o5.txt | |
| passive-interface eth[N] | Disable OSPF announcement on interface eth[N] | |
| auto-cost reference-bandwidth [0-429495] | Set global cost (go to OSPF Interface Cost Table); do not use with the ip ospf [COST] command | |
| timers throttle spf (0-600000) (0-600000) (0-600000) |
Set the SPF initial delay (from first change received until the SPF calculation), initial hold time between consecutive SPF calculations, and maximum hold time. All values are in milliseconds. | |
| Redistribute OSPF Routes | ||
| redistribute connected metrics |
Redistribute routes from all interfaces to OSPF, and a metric used for the action |
|
| Configure Route Redistribution with Access Lists and Route Maps | ||
| access-list [LISTNAME] permit [A.B.C.D/M] | Create an access list to allow distribution of A.B.C.D/M | |
| access-lists [LISTNAME] deny any | Restrict distribution of any route map not specified above | |
| Configure Route Maps | ||
| route-map [MAPNAME] permit [N] | Create a route map with name [MAPNAME] and allow with a priority of [N] | |
| match ip address [LISTNAME] |
|
|
| Enable SNMP Queries (Fireware v12.10 and higher) | ||
| agentx | Enable SNMP queries for dynamic routing. SNMP queries can result in high CPU usage if there is a large number of routes. OSPF OID — .1.3.6.1.2.1.14 |
|
About Open Shortest Path First (OSPF and OSPFv3) Protocol