6.3 OSPF Configuration and Verification  
  6.3.3 Optional configuration commands (continued)  
OSPF routers use costs associated with interfaces to determine the best route. The Cisco IOS automatically determines cost based on the bandwidth of an interface using the following formula:

108/ bandwidth value = 100,000,000 / bandwidth value

Figure shows common default path costs for a variety of media. For OSPF to calculate routes properly, all interfaces connected to the same link must agree on the cost of that link. In a multi-vendor routing environment, the default cost of an interface may be overridden to match another vendor's value with the ip ospf cost command, which has the following syntax:

Router(config-if)#ip ospf cost number

The new cost can be a number between 1 and 65,535. To override the default cost on the SO interface of a router, use the following commands:

Router(config)#interface s0
Router(config-if)#ip ospf cost 1000

The ip ospf cost command can also be used to manipulate the desirability of a route. This is because routers install the lowest-cost paths in their tables.

For the Cisco IOS cost formula to be accurate, serial interfaces must be configured with appropriate bandwidth values. Cisco routers default to T1, 1.544 Mbps, on most serial interfaces and require manual configuration for any other bandwidth, as shown in the following example:

Router(config)#interface s1
Router(config-if)#bandwidth 56

Configuring Authentication
Authentication is another interface specific configuration. Each OSPF interface on a router can present a different authentication key, which functions as a password among OSPF routers in the same area. The following command syntax is used to configure OSPF authentication:

Router(config-if)#ip ospf authentication-key password

After a password is configured, enable authentication on an area wide basis with the following syntax, which must be entered on all participating routers:

Router(config-router)#area number authentication [message-digest]

Although the message-digest keyword is optional, it is recommended that this keyword is always used with this command. By default, authentication passwords will be sent in clear text over the wire. A packet sniffer could easily capture an OSPF packet and decode the unencrypted password. However, if the message-digest argument is used, a message digest, or hash, of the password is sent over the wire in place of the password itself. Unless the recipient is configured with the proper authentication key, that person will not be able to make sense of the message digest.

If message-digest authentication is used, the authentication key will not be used. Instead, configure a message-digest key on the interface of the OSPF router. The syntax for this command is as follows:

Router(config-if)#ip ospf message-digest-key key-id md5 [encryption-type] password

Figure describes the ip ospf message-digest-key command parameters.

The following example sets the message-digest key to "itsasecret" and enables message-digest authentication within Area 0.

Router(config)#int s0
Router(config-if)#ip ospf message-digest-key 1 md5 7 itsasecret
Router(config-if)#int e0
Router(config-if)#ip ospf message-digest-key 1 md5 7 itsasecret
Router(config-if)#router ospf 1
Router(config-router)#area 0 authentication message-digest

Remember, the same parameters would have to be configured on the other routers in the same area.

Configuring OSPF Timers
In order for OSPF routers to exchange information, they must have the same Hello intervals and the same dead intervals. By default, the dead interval is four times the value of the Hello interval. That way, a router has four chances to send a Hello packet before being declared dead.

On broadcast OSPF networks, the default Hello interval is ten seconds, and the default dead interval is 40 seconds. On nonbroadcast networks, the default Hello interval is 30 seconds, and the default dead interval is two minutes or 120 seconds.

These default values typically result in efficient OSPF operation and therefore do not need to be modified. A situation may appear in which the Hello and dead intervals need to be adjusted either to improve performance or to match the timers on another router. The syntax of the commands needed to configure both the Hello and dead intervals is as follows:

Router(config-if)#ip ospf Hello-interval seconds
Router(config-if)#ip ospf dead-interval seconds

The following example sets the Hello interval to five seconds, and the dead interval to 20 seconds:

Router(config)#interface e0
Router(config-if)#ip ospf Hello-interval 5
Router(config-if)#ip ospf dead-interval 20

Notice that, although it is advised, the Cisco IOS does not require the dead interval to be configured to be four times the Hello interval. If the dead interval is set to be less than that, the risk is increased that a router could be declared dead. In fact, a congested or flapping link has prevented one or two Hello packets from reaching their destination.

 

Lab Activity

e-Lab Activity: Optional Configuration Commands (continued)

In this lab, configure additional optional configuration commands for OSPF operation.