![]() ![]() |
6.3 | ![]() |
OSPF Configuration and Verification | |
6.3.3 | ![]() |
Optional configuration commands (continued) |
OSPF routers use costs associated with
interfaces to determine the best route. The Cisco IOS automatically
determines cost based on the bandwidth of an interface using the
following formula:
Figure
The new cost can be a number between 1 and 65,535. To override the default cost on the SO interface of a router, use the following commands:
The ip ospf cost command can also be used to manipulate the desirability of a route. This is because routers install the lowest-cost paths in their tables. For the Cisco IOS cost formula to be accurate, serial interfaces must be configured with appropriate bandwidth values. Cisco routers default to T1, 1.544 Mbps, on most serial interfaces and require manual configuration for any other bandwidth, as shown in the following example:
Configuring Authentication
After a password is configured, enable authentication on an area wide basis with the following syntax, which must be entered on all participating routers:
Although the message-digest keyword is optional, it is recommended that this keyword is always used with this command. By default, authentication passwords will be sent in clear text over the wire. A packet sniffer could easily capture an OSPF packet and decode the unencrypted password. However, if the message-digest argument is used, a message digest, or hash, of the password is sent over the wire in place of the password itself. Unless the recipient is configured with the proper authentication key, that person will not be able to make sense of the message digest. If message-digest authentication is used, the authentication key will not be used. Instead, configure a message-digest key on the interface of the OSPF router. The syntax for this command is as follows:
Figure
The following example sets the message-digest key to "itsasecret" and enables message-digest authentication within Area 0.
Remember, the same parameters would have to be configured on the other routers in the same area. Configuring OSPF Timers On broadcast OSPF networks, the default Hello interval is ten seconds, and the default dead interval is 40 seconds. On nonbroadcast networks, the default Hello interval is 30 seconds, and the default dead interval is two minutes or 120 seconds. These default values typically result in efficient OSPF operation and therefore do not need to be modified. A situation may appear in which the Hello and dead intervals need to be adjusted either to improve performance or to match the timers on another router. The syntax of the commands needed to configure both the Hello and dead intervals is as follows:
The following example sets the Hello interval to five seconds, and the dead interval to 20 seconds:
Notice that, although it is advised, the Cisco IOS does not require the dead interval to be configured to be four times the Hello interval. If the dead interval is set to be less than that, the risk is increased that a router could be declared dead. In fact, a congested or flapping link has prevented one or two Hello packets from reaching their destination.
|