Configure OSPF for a Port or VLAN

Configure OSPF parameters on a port or VLAN so you can control OSPF behavior on the port or VLAN.

Before you begin

  • Enable OSPF globally.

  • Ensure IP interfaces exist.

About this task

To configure OSPF on a VRF instance for a port or VLAN, you configure OSPF on the port or VLAN, and then associate the port or VLAN with the VRF.

Important

Important

When you enable OSPF on a VLAN or a port, the switch automatically creates an area 0.0.0.0, and advertises it on the specific VLAN or port, by default. To avoid this behavior, you must manually configure the VLAN or port into a properly configured area on the switch.

Procedure

  1. Enter Interface Configuration mode:

    enable

    configure terminal

    interface GigabitEthernet {slot/port[/sub-port][-slot/port[/sub-port]][,...][slot/all][all]} or interface vlan <1–4059>

    Note

    Note

    If the platform supports channelization and the port is channelized, you must also specify the sub-port in the format slot/port/sub-port.

  2. Configure the OSPF interface area ID:

    ip ospf area {A.B.C.D}

  3. Enable OSPF routing:

    ip ospf enable

  4. Choose the OSPF update authentication method:

    ip ospf authentication-type <message-digest|none|sha-1|sha-2|simple>

    Both sides of an OSPF connection must use the same authentication type and key.

  5. If you choose simple, you must configure the password.

    ip ospf authentication-key WORD<0-8>

  6. If you choose an authentication key other than simple such as MD5, Sha-1 or Sha-2, you must configure the digest key first and then assign it to the authentication type.
    1. Create the digest-key:

      ip ospf digest-key <1-255> key WORD<0-16>

    2. Assign the newly created digest key to the authentication type:

      ip ospf authentication-type <message-digest|none|sha-1|sha-2|simple> primary-digest-key <1-255>

  7. Specify the interface type:

    ip ospf network <broadcast|nbma|passive|p2p>

  8. Configure the remaining parameters as required, or accept their default values. View the following variable definitions table for more information.

Example

Configure the OSPF interface area ID to 192.0.2.2, enable OSPF routing, choose the OSPF update authentication method as message-digest, and specify the interface type as broadcast.

Switch:1>enable
Switch:1#configure terminal
Switch:1(config)#interface vlan 1
Switch:1(config-if)#ip ospf area 192.0.2.2
Switch:1(config-if)#ip ospf enable
Switch:1(config-if)#ip ospf authentication-type message-digest
Switch:1(config-if)#ip ospf network broadcast

Variable Definitions

The following table defines parameters for the ip ospf commands.

Variable

Value

advertise-when-down enable

Enables or disables AdvertiseWhenDown. If enabled, OSPF advertises the network on this interface as up, even if the port is down. The default is disabled.

After you configure a port with no link and enable advertise-when-down, OSPF does not advertise the route until the port is active. OSPF advertises the route even when the link is down. To disable advertising based on link status, you must disable this parameter.

area {A.B.C.D}

Configures the OSPF identification number for the area, typically formatted as an IP address.

authentication-key WORD<0-8>

Configures the eight-character simple password authentication key for the port or VLAN.

authentication-type <message-digest|none|sha-1|sha-2|simple>

Specifies the type of authentication required for the interface.

  • none—Specifies that no authentication required.

  • simple password—Specifies that all OSPF updates received by the interface must contain the authentication key specified in the interface AuthKey parameter.

  • MD5 authentication—Specifies that all OSPF updates received by the interface must contain the MD5 key.

  • sha-1—Specifies secure hash algorithm 1 (SHA-1), which is a cryptographic hash function that produces a 160-bit hash value, usually given in a hexadecimal number, 40 digits long.

  • sha-2—Specifies SHA-2, which offers the hash function SHA-256.

    Note:

    SHA-2, an update of SHA-1, can offer six hash functions that include SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA 512/256, with hash values that are 224, 256, 384, or 512 bits. However, the current release supports only SHA-256.

bfd

Enable Bidirectional Forwarding Detection (BFD) at the OSPF application level. The default is disabled.

cost <0-65535>

Configures the OSPF cost associated with this interface and advertised in router link advertisements. The default is 0.

dead-interval <0-2147483647>

Configures the router OSPF dead interval, which is the number of seconds the OSPF neighbors of a switch must wait before they assume the OSPF router is down. The default is 40. The value must be at least four times the hello interval.

enable

Enables OSPF on the port or VLAN.

hello-interval <1-65535>

Configures the OSPF hello interval, which is the number of seconds between hello packets sent on this interface. The default is 10.

message-digest-key <1-255> md5 WORD<0-16>

Configures the MD5 key. You can configure a maximum of two MD5 keys for an interface.

If you configure two keys, the interface uses only the first key. To transition to the second key, configure a primary-md5-key to use the ID of the second configured key, and then delete the first key.

Important:

Use the correct key id when two keys are configured.

The key id and md5 password must match with the other OSPF routers, to form the OSPF adjacencies.

<1-255> is the ID for the MD5 key

WORD<0-16> is an alphanumeric password of up to 16 bytes {string length 0–16}

primary-digest-key <1-255>

Use this parameter to transition to a new MD5 key. The new MD5 key changes the primary key used to encrypt outgoing packets.

<1-255> is the ID for the new MD5 key.

mtu-ignore enable

Enables maximum transmission unit (MTU) ignore. To allow the switch to accept OSPF database description (DD) packets with a different MTU size, enable mtu-ignore. The interface drops incoming OSPF DD packets if their MTU is greater than 1500 bytes.

network <broadcast|nbma|passive|p2p>

Specifies the type of OSPF interface.

poll-interval <0-2147483647>

Configures the OSPF poll interval in seconds. The default is 120.

priority <0-255>

Configures the OSPF priority for the port during the election process for the designated router. The port with the highest priority number is the best candidate for the designated router. If you configure the priority to 0, the port cannot become either the designated router or a backup designated router. The default is 1.

retransmit-interval <0-3600>

Configures the retransmit interval for the virtual interface, which is the number of seconds between link-state advertisement retransmissions.

transit-delay <0-3600>

Configures the transit delay for the virtual interface, which is the estimated number of seconds required to transmit a link-state update over the interface.

<1-4059>

Specifies the VLAN ID in the range of 1 to 4059. By default, VLAN IDs 1 to 4059 are configurable and the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1.

This variable applies only to VLAN interfaces, not to ports.