To enable authentication for an Open Shortest Path First (OSPF) area,
use the areaauthentication command in router configuration mode. To remove an authentication specification of an area or a specified area from the configuration, use the no form of this command.
Identifier of the area for which authentication is to be enabled. The identifier can be specified as either a decimal value or an IP address.
message-digest
(Optional) Enables
Message Digest 5 (MD5) authentication on the area specified by the area-id argument.
Command Default
Type 0 authentication (no authentication)
Command Modes
Router configuration
Command History
Release
Modification
10.0
This command was introduced.
11.0
Themessage-digest keyword was added.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
Specifying authentication for an area sets the authentication to Type 1 (simple password) as specified in
RFC 1247. If this command is not included in the configuration file, authentication of Type 0 (no authentication) is assumed.
The authentication type must be the same for all routers and access servers in an area. The authentication password for all OSPF routers on a network must be the same if they are to communicate with each other via OSPF. Use the ipospfauthentication-key interface command to specify this password.
If you enable MD5 authentication with the message-digest keyword, you must configure a password with the ipospfmessage-digest-key interface command.
To remove the authentication specification for an area, use the noform of this command with the authentication keyword.
Note
To remove the specified area from the software configuration, use the noareaarea-idcommand (with no other keywords). That is, the noareaarea-id command removes all area options, such as areaauthentication, areadefault-cost, areanssa, arearange, areastub, and areavirtual-link.
Examples
The following example mandates authentication for areas 0 and 10.0.0.0 of OSPF routing process 201. Authentication keys are also provided.
interface ethernet 0
ip address 192.168.251.201 255.255.255.0
ip ospf authentication-key adcdefgh
!
interface ethernet 1
ip address 10.56.0.201 255.255.0.0
ip ospf authentication-key ijklmnop
!
router ospf 201
network 10.0.0.0 0.255.255.255 area 10.0.0.0
network 192.168.0.0 0.0.255.255 area 0
area 10.0.0.0 authentication
area 0 authentication
Related Commands
Command
Description
areadefault-cost
Specifies a cost for the default summary route sent into a stub area.
areastub
Defines an area as a stub area.
ipospfauthentication-key
Assigns a password to be used by neighboring routers that are using the simple password authentication of OSPF.
ipospfmessage-digest-key
Enables OSPF MD5 authentication.
area authentication (key-chain)
To enable authentication trailer for an Open Shortest Path First version 3 (OSPFv3) area, use the areaauthentication command in router configuration mode or in address-family configuration mode. To disable the authentication trailer, use theno form of this command.
Area ID assigned to the OSPFv3 area. This can be either a decimal value or a valid IPv6 prefix. There is no default.
authentication
Enables area authentication.
key-chain
Configures a key chain for cryptographic authentication keys.
chain-name
Name of the authentication key that is valid..
null
(Optional) Enables
Message Digest 5 (MD5) authentication on the area specified by the area-id argument.
Command Default
No authentication trailer is enabled for an OSPFv3 area.
Command Modes
Router configuration (config-router)
Router address family configuration (config-router-af)
Command History
Release
Modification
Cisco IOS XE Release 3.11S
This command was introduced.
Usage Guidelines
Use the area authenticationcommand to enable authentication trailer on all interfaces in the area.
Examples
The following example enables the authentication trailer for an OSPFv3 area:
Device(config-router-af)# area 1 authentication key-chain ospf-1
Related Commands
Command
Description
ospfv3 authentication (key-chain)
Specifies the cryptographic authentication keys for an OSPFv3 instance.
authentication mode (OSPF)
Specifies the authentication
mode used in OSPFv3.
area default-cost
To specify a cost for the
default summary route that is sent into a stub area or not-so-stubby area (NSSA),
use the areadefault-costcommand in router address family topology or router configuration mode. To remove the assigned default route cost, use the no form of this command.
Identifier for the stub area or NSSA. The identifier can be specified as either a decimal value or an IP address.
cost
Cost for the default summary route used for a stub or NSSA. The acceptable value is a 24-bit number.
Command Default
cost: 1
Command Modes
Router address family topology configuration (config-router-af-topology)
Router configuration (config-router)
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SRB
This command was made available in router address family topology configuration mode.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
This command is used only on an Area Border Router (ABR) attached to a stub area or NSSA.
There are two stub area router configuration commands: the stub and default-cost options of the area command. In all routers and access servers attached to the stub area, the area should be configured as a stub area using the stub option of the area command. Use the default-cost option only on an ABR attached to the stub area. Thedefault-cost option provides the metric for the summary default route generated by the ABR into the stub area.
Note
To remove the specified area from the software configuration, use the noareaarea-id command (with no other keywords). That is, the noareaarea-id command removes all area options, such as areaauthentication, areadefault-cost, areanssa, arearange, areastub, and areavirtual-link.
Release 12.2(33)SRB
If you plan to configure the Multi-Topology Routing (MTR) feature, you need to enter the areadefault-costcommand in router address family topology configuration mode in order for this OSPF router configuration command to become topology-aware.
Examples
The following example assigns a default cost of 20 to stub network 10.0.0.0:
interface ethernet 0
ip address 10.56.0.201 255.255.0.0
!
router ospf 201
network 10.0.0.0 0.255.255.255 area 10.0.0.0
area 10.0.0.0 stub
area 10.0.0.0 default-cost 20
Related Commands
Command
Description
areaauthentication
Enables authentication for an OSPF area.
areastub
Defines an area as a stub area.
area filter-list
To filter prefixes advertised
in type 3 link-state advertisements (LSAs) between Open Shortest Path First (OSPF) areas of an Area Border Router (ABR), use the areafilter-list command in router address family topology or router configuration mode. To change or cancel the filter, use the no form of this command.
areaarea-idfilter-listprefixprefix-list-name
{ in | out }
noareaarea-idfilter-listprefixprefix-list-name
{ in | out }
Syntax Description
area-id
Identifier of the area for which filtering is configured. The identifier can be specified as either a decimal value or an IP address.
prefix
Indicates that a prefix list is used.
prefix-list-name
Name of a prefix list.
in
The prefix list is applied to prefixes advertised to the specified area from other areas.
out
The prefix list is applied to prefixes advertised out of the specified area to other areas.
Command Default
This command is disabled by default. The router will not filter prefixes.
Command Modes
Router address family topology configuration (config-router-af-topology)
Router configuration (config-router)
Command History
Release
Modification
12.0(15)S
This command was introduced.
12.2(4)T
This command was integrated into Cisco IOS Release 12.2(4)T.
12.2(28)SB
This command was integrated into Cisco IOS Release 12.2(28)SB.
12.2(33)SRB
This command was made available in router address family topology configuration mode.
Usage Guidelines
With this feature enabled in the “in” direction, all type 3 LSAs originated by the ABR to this area, based on information from all other areas, are filtered by the prefix list. Type 3 LSAs that were originated as a result of the arearange command in another area are treated like any other type 3 LSA that was originated individually. Any prefix that does not match an entry in the prefix list is implicitly denied.
With this feature enabled in the “out” direction, all type 3 LSAs advertised by the ABR, based on information from this area to all other areas, are filtered by the prefix list. If the arearange command has been configured for this area, type 3 LSAs that correspond to the area range are sent to all other areas, only if at least one prefix in the area range matches an entry in the prefix list.
If all specific prefixes are denied by the prefix list, type 3 LSAs that correspond to the arearange command will not be sent to any other area. Prefixes that are not permitted by the prefix list are implicitly denied.
Release 12.2(33)SRB
If you plan to configure the Multi-Topology Routing (MTR) feature, you need to enter the areafilter-listcommand in router address family topology configuration mode in order for this OSPF router configuration command to become topology-aware.
Examples
The following example filters prefixes that are sent from all other areas to area 1:
area 1 filter-list prefix AREA_1 in
Related Commands
Command
Description
arearange
Consolidates and summarizes routes at an area boundary.
area nssa
To configure a
not-so-stubby area ( NSSA), use the
areanssacommand in router address family
topology or router configuration mode. To remove the NSSA distinction from the
area, use the
no form of this
command.
Identifier for the stub area or NSSA. The identifier can be specified as either
a decimal value or an IP address.
no-redistribution
(Optional) Used when the router is an NSSA Area Border Router (ABR) and you
want the
redistribute
command to import routes only into the normal areas, but not into the NSSA
area.
default-information- originate
(Optional) Used to generate a Type 7 default into the NSSA area. This keyword
takes effect only on the NSSA ABR or the NSSA Autonomous System Boundary Router
(ASBR).
metric
(Optional) Specifies the OSPF default metric.
metric-type
(Optional) Specifies the OSPF metric type for default routes.
no-summary
(Optional) Allows an area to be an NSSA but not have summary routes injected
into it.
nssa-only
(Optional) Limits the default advertisement to this NSSA area by setting the
propagate (P) bit in the type-7 LSA to zero.
Command Default
No NSSA area is
defined.
Command Modes
Router address
family topology configuration (config-router-af-topology) Router configuration
(config-router)
Command History
Release
Modification
10.0
This
command was introduced.
12.2(33)SRA
This
command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SRB
This
command was made available in router address family topology configuration
mode.
12.2SX
This
command is supported in the Cisco IOS Release 12.2SX train. Support in a
specific 12.2SX release of this train depends on your feature set, platform,
and platform hardware.
15.0(1)M
This
command was modified. The nssa-only keyword was added.
15.2(1)E
This command was integrated into Cisco IOS Release 15.2(1)E.
Usage Guidelines
To remove the
specified area from the software configuration, use the
noareaarea-idcommand (with no other keywords). That is,
the
noareaarea-id command removes all area options,
including
areaauthentication,
areadefault-cost,
areanssa,
arearange,
areastub, and
areavirtual-link.
Release
12.2(33)SRB
If you plan to
configure the Multi-Topology Routing (MTR) feature, you need to enter the
areanssacommand in router address family topology
configuration mode in order for this OSPF router configuration command to
become topology-aware.
Examples
The following
example makes area 1 an NSSA area:
router ospf 1
redistribute rip subnets
network 172.19.92.0 0.0.0.255 area 1
area 1 nssa
Related Commands
Command
Description
redistribute
Redistributes routes from one routing domain into another routing domain.
area nssa translate
To configure a
not-so-stubby area ( NSSA) and to configure the OSPF Forwarding Address
Suppression in Translated Type-5 LSAs feature, use the
areanssatranslatecommand in router address family topology
or router configuration mode. To remove the NSSA distinction from the area, use
the
no form of this
command.
Identifier for the stub area or NSSA. The identifier can be specified as either
a decimal value or an IP address.
translate
Translates one type of link-state advertisement (LSA) to another type of LSA.
This keyword takes effect only on an NSSA Area Border Router (ABR) or an NSSA
Autonomous System Boundary Router (ASBR).
type7
(Required) Translates a Type-7 LSA to a Type-5 LSA. This keyword takes effect
only on an NSSA ABR or an NSSA ASBR.
always
(Optional) Configures an NSSA ABR router as a forced NSSA LSA translator. The
NSSA ABR router unconditionally translates Type-7 LSAs to Type-5 LSAs. You can
configure the
always
keyword only in router configuration mode, not in router address family
topology configuration mode.
suppress-fa
(Optional) Suppresses the forwarding address of the Type-7 LSAs from being
placed in the Type-5 LSAs. This keyword takes effect only on an NSSA ABR or an
NSSA ASBR.
default-information-originate
(Optional) Used to generate a Type 7 default into the NSSA area. This keyword
takes effect only on the NSSA ABR or the NSSA Autonomous System Boundary Router
(ASBR).
metric
(Optional) Configures the OSPF default metric.
ospf-metric
Specifies the OSPF default metric in the range from 0 to 16777214.
metric-type
(Optional) Configures the OSPF metric type for default routes.
ospf-link-state-type
Specifies OSPF metric type in the range from 1 to 2.
nssa-only
(Optional) Limits the default advertisement to this NSSA area by setting the
propagate (P) bit in the type-7 LSA to zero..
no-ext-capability
(Optional) Specifies that domain-specific capabilities are not sent to NSSA.
no-redistribution
(Optional) Specifies that the
redistribute
command will import routes only into the normal areas, not into the NSSA area.
Used when the router is an NSSA ABR.
no-summary
(Optional) Allows an area to be an NSSA but not have summary routes injected
into it.
Command Default
The ABRs
connecting an NSSA and the backbone areas elect one of them to translate LSAs,
which means that a router might be elected as translator.
Command Modes
Router address
family topology configuration (config-router-af-topology) Router configuration
(config-router)
Release
Modification
12.2(15)T
This
command was introduced.
12.2(27)SBC
This
command was integrated into Cisco IOS Release 12.2(27)SBC.
12.2(33)SRA
This
command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SRB
This
command was made available in router address family topology configuration
mode.
12.2SX
This
command is supported in the Cisco IOS Release 12.2SX train. Support in a
specific 12.2SX release of this train depends on your feature set, platform,
and platform hardware.
15.1(2)S
This
command was modified. Support for the
always
keyword was added.
15.2(1)E
This command was integrated into Cisco IOS Release 15.2(1)E.
Usage Guidelines
To configure the
OSPF Forwarding Address Suppression in Translated Type-5 LSAs feature,
configure the
translatetype7suppress-fa keywords. Consider the following
caution.
Caution
Configuring the
OSPF Forwarding Address Suppression in Translated Type-5 LSAs feature causes
the router to be noncompliant with RFC 1587. Also, suboptimal routing might
result because there might be better paths to reach the destination’s
forwarding address. This feature should not be configured without careful
consideration and not until the network topology is understood.
If the the
no-redistribution or
default-information-originate keywords are used,
two separate lines for the
areanssa command appear in the configuration file for
ease of readability. For example, if the
area6nssatranslatetype7suppress-fano-redistributioncommand is configured, the
following lines would appear in the configuration file:
router ospf 1
area 6 nssa no-redistribution
area 6 nssa translate type7 suppress-fa
Cisco IOS Release
15.1(2)S and later releases support RFC 3101 and include the
always
keyword, which allows you to configure an NSSA ABR router as a forced NSSA LSA
translator. This means that the NSSA ABR router will unconditionally assume the
role of LSA translator, preempting the default behavior, which would only
include it among the candidates to be elected as translator.
Note
Even a forced
translator might not translate all LSAs; translation depends on the contents of
each LSA.
You can configure
the
always
keyword only in router configuration mode, not in router address family
topology configuration mode.
To remove the
specified area from the software configuration, use the
noareaarea-idcommand (with no other keywords). That is,
the
noareaarea-id command removes all area options, such as
areaauthentication,
areadefault-cost,
areanssa,
arearange,
areastub, and
areavirtual-link.
Release
12.2(33)SRB
If you plan to
configure the Multi-Topology Routing (MTR) feature with this command, you you
must do so in router address family topology configuration mode in order for
this OSPF router configuration command to become topology-aware.
Examples
The following
example causes OSPF to translate Type-7 LSAs from area 1 to Type-5 LSAs, but
not place the Type-7 forwarding address into the Type-5 LSAs. OSPF places
0.0.0.0 as the forwarding address in the Type-5 LSAs.
router ospf 2
network 172.19.92.0 0.0.0.255 area 1
area 1 nssa translate type7 suppress-fa
The following
example configures an NSSA ABR as a forced LSA translator.
Router(config-router)# area 10 nssa translate type7 always
Related Commands
Command
Description
redistribute
Redistributes routes from one routing domain into another routing domain.
area range
To consolidate and summarize routes at an area boundary, use the
arearange command in router configuration mode. To disable this function, use the
noform of this command.
Identifier of the area about which routes are to be summarized. It can be specified as either a decimal value or as an IPv6 prefix.
ipv6-prefix
IPv6 prefix.
/prefix-length
IPv6 prefix length.
advertise
(Optional) Sets the address range status to advertise and generates a Type 3 summary link-state advertisement (LSA).
not-advertise
(Optional) Sets the address range status to DoNotAdvertise. The Type 3 summary LSA is suppressed, and the component networks remain hidden from other networks.
costcost
(Optional) Metric or cost for this summary route, which is used during OSPF SPF calculation to determine the shortest paths to the destination. The value can be 0 to 16777215.
Command Default
This command is disabled by default.
Command Modes
Router configuration
Command History
Release
Modification
10.0
This command was introduced.
12.0(24)S
Support for IPv6 was added. The
cost keyword and
cost argument were added.
12.2(15)T
Support for IPv6 was added. The
cost keyword and
cost argument were added.
12.2(18)S
This command was integrated into Cisco IOS Release 12.2(18)S.
12.2(28)SB
This command was integrated into Cisco IOS Release 12.2(28)SB.
12.2(25)SG
This command was integrated into Cisco IOS Release 12.2(25)SG.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SXH
This command was integrated into Cisco IOS Release 12.2(33)SXH.
Cisco IOS XE Release 2.1
This command was introduced on Cisco ASR 1000 Series Routers.
Usage Guidelines
The
arearange command is used only with Area Border Routers (ABRs). It is used to consolidate or summarize routes for an area. The result is that a single summary route is advertised to other areas by the ABR. Routing information is condensed at area boundaries. External to the area, a single route is advertised for each address range. This behavior is called
routesummarization
Multiple
area router configuration commands specifying the
range option can be configured. Thus, OSPF can summarize addresses for many different sets of address ranges.
This command has been modified for Open Shortest Path First (OSPF) for IPv6. Users can now enter the IPv6 address syntax.
Note
To remove the specified area from the software configuration, use the
noareaarea-idcommand (with no other keywords). That is, the
noareaarea-id command removes all area options, such as
areadefault-cost,
areanssa,
arearange,
areastub, and
areavirtual-link.
Examples
The following example specifies one summary route to be advertised by the ABR to other areas for all subnets on network 10.0.0.0 and for all hosts on network 192.168.110.0:
interface Ethernet0/0
no ip address
ipv6 enable
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
router-id 192.168.255.5
log-adjacency-changes
area 1 range 2001:0DB8:0:1::/64
The following example shows the IPv6 address syntax:
Router(config-rtr)# area 1 range ?
X:X:X:X::X/<0-128> IPv6 prefix x:x::y/z
area sham-link
To configure a
sham-link interface on a provider edge (PE) router in a Multiprotocol Label
Switching (MPLS) VPN backbone, use the
areasham-link command in router configuration or
address family configuration mode. To remove the sham link, use the
no form of this
command.
ID number
of the Open Shortest Path First (OSPF) area assigned to the sham link. Valid
values: numeric value from 1 to 4294967295 or valid IP address, in A.B.C.D
format. There is no default.
source-address
IP
address associated with the sham-link source.
destination-address
IP
address associated with the destination router.
authentication
Enables sham link authentication.
key-chain
Configures a key-chain for cryptographic authentication keys.
chain-name
Name of the authentication key that is valid.
costnumber
(Optional) Specifies the OSPF cost to send IP packets over the sham-link
interface. The
number argument
range is from 1 to 65535.
ttl-securityhopshop-count
(Optional) Configures Time-to-Live (TTL) security on a sham link. The
hop-count
argument range is from 1 to 254.
Command Default
A sham link
interface is not configured on the router. The default cost is 1.
Command Modes
Router configuration (config-router)
Address family configuration (config-router-af)
Command History
Release
Modification
12.2(8)T
This
command was introduced.
12.0(21)ST
This
command was integrated into Cisco IOS Release 12.0(21)ST, and support for Cisco
12000 series Internet routers was added.
12.0(22)S
This
command was integrated into Cisco IOS Release 12.0(22)S, and support for Cisco
10000 series Internet routers was added.
12.2(33)SRA
This
command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This
command is supported in the Cisco IOS Release 12.2SX train. Support in a
specific 12.2SX release of this train depends on your feature set, platform,
and platform hardware.
12.2(33)SRC
The
ttl-securityhopshop-count
keywords and argument were added.
15.0(1)M
This
command was integrated into Cisco IOS Release 15.0(1)M.
Cisco
IOS XE Release 3.6S
This
command was modified. Support for Cisco ASR 1000 series routers was added.
15.2(4)S
This
command was integrated into Cisco IOS Release 15.2(4)S. This command was made
available in the address family configuration mode.
Cisco
IOS XE Release 3.7S
This
command was modified. The command was made available in the address family
configuration mode.
Cisco
IOS XE Release 3.11S
The
authenticationkey-chain
keywords were added.
Usage Guidelines
In the MPLS VPN
environment, several VPN client sites can be connected in the same OSPF area.
If these sites are connected over a backdoor link in addition to the VPN
backbone, all traffic passes over the backdoor link instead of over the VPN
backbone. OSPF always selects intra-area routes over inter-area (external)
routes.
To correct this
default OSPF behavior in an MPLS VPN, use the
areasham-link command to configure a sham link between
two PEs to connect the sites through the MPLS VPN backbone. A sham link
represents an intra-area (unnumbered point-to-point) connection between PEs.
All other routers in the area use the sham link to calculate intra-area
shortest path first (SPF) routes to the remote site.
Configure the
source and destination addresses of the sham link as a host route mask
(255.255.255.255) on the PE routers that serve as the endpoints of the sham
link. The source and destination IP addresses must belong to the VPN routing
and forwarding instance (VRF) and be advertised by Border Gateway Protocol
(BGP) to remote PE routers. The sham-link endpoint addresses should not be
advertised by OSPF.
In an IPv6
environment, the source and destination must be global scope IPv6 addresses in
the correct VRF. The source address should be a local interface address,
typically a loopback. The destination address should be learned from BGP, not
OSPFv3.
Use the
ttl-securityhopshop-count
keywords and argument to enable checking of TTL values on OSPF packets from
neighbors or to set TTL values sent to neighbors. This feature adds an extra
layer of protection to OSPF. This option is not configurable for OSPFv3.
Examples
The following
example shows how to configure a sham link between two PE routers in an MPLS
VPN backbone by using the
areasham-link command on each router:
Router1(config)# interface loopback 55
Router1(config-if)# ip vrf forwarding v1
Router1(config-if)# ip address 10.0.0.1 255.255.255.255
!
Router1(config)# router ospf 2 vrf v1
Router1(config-router)# log-adjacency-changes
Router1(config-router)# area 120 sham-link 10.0.0.1 172.16.0.1 cost 1
Router1(config-router)# redistribute bgp 1 subnets
Router1(config-router)# network 10.2.0.1 255.255.255.255 area 1
Router1(config-router)# network 10.120.0.0 0.255.255.255 area 120
Router1(config-router)# network 10.140.0.0 0.255.255.255 area 120
!
Router2(config)# interface loopback 44
Router2(config-if)# ip vrf forwarding v1
Router2(config-if)# ip address 172.16.0.1 255.255.255.255
!
Router2(config)# router ospf 2 vrf v1
Router2(config-router)# log-adjacency-changes
Router2(config-router)# area 120 sham-link 172.16.0.1 10.0.0.1 cost 1
Router2(config-router)# redistribute bgp 1 subnets
Router2(config-router)# network 10.2.0.1 255.255.255.255 area 1
Router2(config-router)# network 10.120.0.0 0.255.255.255 area 120
Router2(config-router)# network 10.140.0.0 0.255.255.255 area 120
!
The following
example shows how to configure TTL security for a sham link in OSPFv3 for IPv6:
The following
example shows how to configure the authentication using a key chain for sham-links:
area 1 sham-link 1.1.1.1 authentication key-chain ospf-chain-1
Related Commands
Command
Description
ttl-securityhops
Enables
checking of TTL values on OSPF packets from neighbors or setting TTL values
sent to neighbors.
area sham-link (OSPFv3)
To configure a sham-link interface on a provider edge (PE) router in a Multiprotocol Label Switching (MPLS) VPN backbone, use the
areasham-link command in address family configuration mode. To remove the sham link, use the
no form of this command.
OSPFv3 area assigned to the sham link. The range is from 1 to 4294967295. The area number may be configured in IPv4 address format A.B.C.D There is no default.
source-address
IPv6 address associated with the sham-link source.
destination-address
IPv6 address associated with the destination router.
costnumber
(Optional) Specifies the OSPFv3 cost to send IP packets over the sham-link interface. The range is from 1 to 65535.
ttl-securityhopshop-count
(Optional) Configures Time-to-Live (TTL) security on a sham link. The range is from 1 to 254.
Command Default
A sham link interface is not configured on the router. The default cost is 1.
Command Modes
Address family configuration (config-router-af)
Command History
Release
Modification
15.2(2)S
This command was introduced.
Cisco IOS XE Release 3.6S
This command was integrated into Cisco IOS XE Release 3.6S.
15.1(1)SY
This command was integrated into Cisco IOS Release 15.1(1)SY.
15.2(4)M
This command was integrated into Cisco IOS Release 15.2(4)M.
Usage Guidelines
In the MPLS VPN environment, several VPN client sites can be connected in the same OSPFv3 area. If these sites are connected over a backdoor link in addition to the VPN backbone, all traffic passes over the backdoor link instead of over the VPN backbone. OSPFv3 always selects intra-area routes over inter-area (external) routes.
To correct this default OSPFv3 behavior in an MPLS VPN, use the
areasham-link command to configure a sham link between two PEs to connect the sites through the MPLS VPN backbone. A sham link represents an intra-area (unnumbered point-to-point) connection between PEs. All other routers in the area use the sham link to calculate intra-area shortest path first (SPF) routes to the remote site.
Configure the source and destination addresses of the sham link as an IPv6 host route mask (/128) on the PE routers that serve as the endpoints of the sham link. The source and destination IP addresses must belong to the VPN routing and forwarding instance (VRF) and be advertised by Border Gateway Protocol (BGP) to remote PE routers. The sham-link endpoint addresses should not be advertised by OSPFv3.
The source and destination must be global scope IPv6 addresses in the correct VRF. The source address should be a local interface address, typically a loopback. The destination address should be learned from BGP, not OSPFv3.
Use the
ttl-securityhopshop-count keywords and argument to enable checking of TTL values on OSPFv3 packets from neighbors or to set TTL values sent to neighbors. This option adds an extra layer of protection to OSPFv3. This option is not configurable for OSPFv3.
Examples
The following example shows how to configure an OSPFv3 sham link between two PE routers in an MPLS VPN backbone by using the
areasham-link command on each router:
Enters address family configuration mode for configuring routing
sessions, such as BGP, that use standard IPv6 address prefixes.
redistribute
OSPFv3
Redistributes IPv6 and IPv4 routes from one routing domain into
another routing domain.
routerospfv3
Enters OSPFv3 router configuration mode for the IPv4 or IPv6 address family.
vrf forwarding
Associates a VRF instance or a
virtual network with an interface or subinterface.
area stub
To define an area as a stub area,
use the areastub command in router address family topology or router configuration mode. To disable this function, use the no form of this command.
areastubcommandareaarea-idstub [no-summary]
noareaarea-idstub [no-summary]
Syntax Description
area-id
Identifier for the stub area; either a decimal value or an IP address.
no-summary
(Optional) Prevents an Area Border Router (ABR) from sending summary link advertisements into the stub area.
Command Default
No stub area is defined.
Command Modes
Router address family topology configuration (config-router-af-topology)
Router configuration (config-router)
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SRB
This command was made available in router address family topology configuration mode.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
You must configure the areastub command on all routers and access servers in the stub area. Use the arearouter configuration command with the default-cost keyword to specify the cost of a default internal route sent into a stub area by an ABR.
There are two stub area router configuration commands: the stub and default-cost options of the area router configuration command. In all routers attached to the stub area, the area should be configured as a stub area using the stub keyword of the area command. Use the default-cost keyword only on an ABR attached to the stub area. Thedefault-cost keyword provides the metric for the summary default route generated by the ABR into the stub area.
To further reduce the number of link-state advertisements (LSAs) sent into a stub area, you can configure the no-summary keyword on the ABR to prevent it from sending summary LSAs (LSA type 3) into the stub area.
Note
To remove the specified area from the software configuration, use the noareaarea-idcommand (with no other keywords). That is, the noareaarea-id command removes all area options, such as areaauthentication, areadefault-cost, areanssa, arearange, areastub, and areavirtual-link.
Release 12.2(33)SRB
If you plan to configure the Multi-Topology Routing (MTR) feature, you need to enter the areastubcommand in router address family topology configuration mode in order for this OSPF router configuration command to become topology-aware.
Examples
The following example assigns a default cost of 20 to stub network 10.0.0.0:
interface ethernet 0
ip address 10.56.0.201 255.255.0.0
!
router ospf 201
network 10.0.0.0 0.255.255.255 area 10.0.0.0
area 10.0.0.0 stub
area 10.0.0.0 default-cost 20
Related Commands
Command
Description
areaauthentication
Enables authentication for an OSPF area.
areadefault-cost
Specifies a cost for the default summary route sent into a stub area.
area virtual-link
To define an Open Shortest Path First (OSPF) virtual link, use the
areavirtual-link command in router address family topology, router configuration, or address family configuration mode. To remove a virtual link, use the
no form of this command.
Area ID assigned to the virtual link. This can be either a decimal value or a valid IPv6 prefix. There is no default.
router-id
Router ID associated with the virtual link neighbor. The router ID appears in the
showipospf or
show
ipv6display command. There is no default.
authentication
Enables virtual link authentication.
key-chain
Configures a key-chain for cryptographic authentication keys.
chain-name
Name of the authentication key that is valid.
hello-intervalseconds
(Optional) Specifies the time (in seconds) between the hello packets that the Cisco IOS software sends on an interface. The hello interval is an unsigned integer value to be advertised in the hello packets. The value must be the same for all routers and access servers attached to a common network. The range is from 1 to 8192. The default is 10.
retransmit-intervalseconds
(Optional) Specifies the time (in seconds) between link-state advertisement (LSA) retransmissions for adjacencies belonging to the interface. The retransmit interval is the expected round-trip delay between any two routers on the attached network. The value must be greater than the expected round-trip delay. The range is from 1 to 8192. The default is 5.
transmit-delayseconds
(Optional) Specifies the estimated time (in seconds) required to send a link-state update packet on the interface. The integer value that must be greater than zero. LSAs in the update packet have their age incremented by this amount before transmission. The range is from 1 to 8192. The default value is 1.
dead-intervalseconds
(Optional) Specifies the time (in seconds) that hello packets are not seen before a neighbor declares the router down. The dead interval is an unsigned integer value. The default is four times the hello interval, or 40 seconds. As with the hello interval, this value must be the same for all routers and access servers attached to a common network.
ttl-securityhopshop-count
(Optional) Configures Time-to-Live (TTL) security on a virtual link. The
hop-count argument range is from 1 to 254.
Command Default
No OSPF virtual link is defined.
Command Modes
Router address family topology configuration (config-router-af-topology)
Router configuration (config-router)
Address family configuration (config-router-af)
Command History
Release
Modification
10.0
This command was introduced.
12.0(24)S
Support for IPv6 was added.
12.2(15)T
Support for IPv6 was added.
12.2(18)S
This command was integrated into Cisco IOS Release 12.2(18)S.
12.2(28)SB
This command was integrated into Cisco IOS Release 12.2(28)SB.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SRB
This command was made available in router address family topology configuration mode.
12.2(33)SXH
This command was integrated into Cisco IOS Release 12.2(33)SXH.
12.2(33)SRC
The
ttl-securityhopshop-count keywords and argument were added.
15.0(1)M
This command was integrated into Cisco IOS Release 15.0(1)M.
15.2(4)S
This command was integrated into Cisco IOS Release 15.2(4)S. This command was made available in the address family configuration mode.
Cisco IOS XE Release 3.7S
This command was integrated into Cisco IOS XE Release 3.7S. This command was made available in the OSPFv3 address family configuration mode.
15.1(1)SY
This command was integrated into Cisco IOS Release 15.1(1)SY.
Cisco IOS XE Release 3.11S
This command was integrated into Cisco IOS XE Release 3.11S. The
authenticationkey-chain keywords were added.
Usage Guidelines
In OSPF, all areas must be connected to a backbone area. A lost connection to the backbone can be repaired by establishing a virtual link.
The shorter the hello interval, the faster topological changes will be detected, but more routing traffic will ensue. The setting of the retransmit interval should be conservative, or needless retransmissions will result. The value should be larger for serial lines and virtual links.
You should choose a transmit delay value that considers the transmission and propagation delays for the interface.
To configure a virtual link in OSPF for IPv6, you must use a router ID instead of an address. In OSPF for IPv6, the virtual link takes the router ID rather than the IPv6 prefix of the remote router.
Use the
ttl-securityhopshop-count keywords and argument to enable checking of TTL values on OSPF packets from neighbors or to set TTL values sent to neighbors. This feature adds an extra layer of protection to OSPF.
Note
In order for a virtual link to be properly configured, each virtual link neighbor must include the transit area ID and the corresponding virtual link neighbor router ID. To display the router ID, use the
showipospf or the
showipv6ospf command in privileged EXEC mode.
Note
To remove the specified area from the software configuration, use the
noareaarea-id command (with no other keywords). That is, the
noareaarea-id command removes all area options, such as
areadefault-cost,
areanssa,
arearange,
areastub, and
areavirtual-link.
Release 12.2(33)SRB
If you plan to configure the Multitopology Routing (MTR) feature, you need to enter the
areavirtual-link command in router address family topology configuration mode in order for this OSPF router configuration command to become topology-aware.
Examples
The following example establishes a virtual link with default values for all optional parameters:
ipv6 router ospf 1
log-adjacency-changes
area 1 virtual-link 192.168.255.1
The following example establishes a virtual link in OSPF for IPv6:
The following example shows how to configure the authentication using a key chain for virtual-links:
area 1 virtual-link 1.1.1.1 authentication key-chain ospf-chain-1
Related Commands
Command
Description
area
Configures OSPFv3 area parameters.
showipospf
Enables the display of general information about OSPF routing processes.
showipv6ospf
Enables the display of general information about OSPF routing processes.
ttl-securityhops
Enables checking of TTL values on OSPF packets from neighbors or setting TTL values sent to neighbors.
authentication mode (OSPF)
To specify authentication
mode used in
Open Shortest Path First version 3 (OSPFv3)
, use the
authenticationmode command in router configuration mode or in address-family configuration mode. To restore defaultnormal authentication mode, use theno form of this command.
authenticationmode {strict
| deployment
| normal}
no authenticationmode {strict
| deployment
| normal}
Syntax Description
strict
Disables the usage of expired keys for authentication of OSPFv3 packets.
deployment
Provides seamless deployment by allowing maintaining adjacency between authentication trailer enabled and not-yet-enabled devices.
normal
Restores to default mode of authentication in the address family.
Command Default
The default mode of authentication isnormal mode.
Command Modes
Router configuration (config-router)
Router address family configuration (config-router-af)
Command History
Release
Modification
Cisco IOS XE Release 3.11S
This command was introduced.
Usage Guidelines
The strict mode prevents
usage of last expired send key for authentication of outgoing
packets and also disables the usage of expired accept keys for
authentication of receiving packets. The strict mode is stricter than the normal mode. See
section-3 of RFC 6506 for more details on the normal mode
behavior.
OSPFv3 in deployment mode sends packets with both
authentication trailer and checksums. While receiving packets,
authentication trailer is verified but does not affect adjacency.
These changes allows the device in deployment
mode to maintain neighborship with both non-enabled and
authentication trailer enabled devices. While in deployment mode, the show ospfv3
neighbor detail command displays an additional line that shows
whether last packet was successfully authenticated.
Examples
The following example shows how to specify the authentication type for an OSPFv3 instance using the deployment mode of operation:
Specifies the cryptographic authentication keys for an OSPFv3 instance.
area authentication (key-chain)
Enables authentication trailer for an OSPFv3 area.
auto-cost
To control how Open Shortest Path First (OSPF) calculates
default metrics for the interface, use the auto-costcommand in router configuration mode. To assign cost based only on the interface type, use the no form of this command.
auto-costcommandauto-costreference-bandwidthmbps
noauto-costreference-bandwidth
Syntax Description
reference-bandwidthmbps
Rate in Mbps (bandwidth). The range is from 1 to 4294967; the default is 100.
Command Default
100 Mbps
Command Modes
Router configuration
Command History
Release
Modification
11.2
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
In Cisco IOS Release 10.3 and later releases, by default OSPF will calculate the OSPF metric for an interface according to the bandwidth of the interface. For example, a 64K link will get a metric of 1562, and a T1 link will have a metric of 64.
The OSPF metric is calculated as the ref-bw value divided by the bandwidth, with mbps equal to 108 by default, and bandwidth determined by the bandwidth (interface)command. The calculation gives FDDI a metric of 1.
If you have multiple links with high bandwidth (such as FDDI or ATM), you might want to use a larger number to differentiate the cost on those links.
The value set by the
ip ospf cost
command overrides the cost resulting from the
auto-cost
command.
Examples
The following example changes the cost of the FDDI link to 10, while the gigabit Ethernet link remains at a cost of 1. Thus, the link costs are differentiated.
router ospf 1
auto-cost reference-bandwidth 1000
Related Commands
Command
Description
ipospfcost
Explicitly specifies the cost of sending a packet on an interface.
BFD Deterministic Offload
To host a BFD session either in hardware or software on ES + line cards for Cisco 7600 routers, use the platform bfd offload-timer command in the global configuration mode. Set the Tx timer lower than, or equal to the offload-timer limit, to host the BFD session in hardware, if resources are available. Set the Tx timer that is higher than the offload timer limit to host the BFD session in software.
platformbfdoffload-timeroffload timer
Syntax Description
bfd
Indicates the platform specific BFD commands.
timer-limit
Specifies the tx-timer limit, which if exceeded by any interface session, denies hardware offload for that session. It specifies the rate, in milliseconds, at which BFD packets will be offloaded. The valid range for the milliseconds argument is from 50 to 999.
Command Default
None
Command Modes
Global configuration
Command History
Release
Modification
15.3(3)S
This command was introduced on the Cisco 7600 series routers.
Usage Guidelines
None
Examples
The following shows a sample configuration for the command:
To enable the use of the Link-Local Signalling (LLS) data block in originated Open Shortest Path First (OSPF) packets and reenable OSPF nonstop forwarding (NSF) awareness, use thecapabilityllscommand in router configuration mode. To disable LLS and OSPF NSF awareness, use the no form of this command.
capabilitylls
nocapabilitylls
Syntax Description
This command has no arguments or keywords.
Command Default
LLS is enabled.
Command Modes
Router configuration
Command History
Release
Modification
12.2(15)T
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(31)SB2
This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.2(33)SXH
This command was integrated into Cisco IOS Release 12.2(31)SXH.
Usage Guidelines
You might want to disable NSF awareness by disabling the use of the LLS data block in originated OSPF packets. You might want to disable NSF awareness if the router has no applications using LLS.
If NSF is configured and you try to disable LLS, you will receive the error message, “OSPF Non-Stop Forwarding (NSF) must be disabled first.”
If LLS is disabled and you try to configure NSF, you will receive the error message, “OSPF Link-Local Signaling (LLS) capability must be enabled first.”
Examples
The following example disables LLS support and OSPF NSF awareness:
router ospf 2
no capability lls
capability transit
To reenable Open Shortest Path First (OSPF) area capability transit after it has been disabled, use thecapabilitytransit command in router configuration mode. To disable OSPF area capability transit on all areas for a router process, use the no form of this command.
capabilitytransit
nocapabilitytransit
Syntax Description
This command has no arguments or keywords.
Command Default
OSPF area capability transit is enabled.
Command Modes
Router configuration
Command History
Release
Modification
12.0(27)S
This command was introduced.
12.3(7)T
This command was integrated into Cisco IOS Release 12.3(7)T.
12.2(25)S
This command was integrated into Cisco IOS Release 12.2(25)S.
12.2(27)SBC
This command was integrated into Cisco IOS Release 12.2(27)SBC.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SXH
This command was integrated into Cisco IOS Release 12.2(33) SXH.
Usage Guidelines
OSPF area capability transit is enabled by default, allowing the OSPF Area Border Router to install better-cost routes to the backbone area through the transit area instead of the virtual links. If you want to retain a traffic pattern through the virtual-link path, you can disable capability transit by entering the nocapabilitytransit command. If paths through the transit area are discovered, they are most likely to be more optimal paths, or at least equal to, the virtual-link path. To reenable capability transit, enter the capabilitytransit command.
If you need to verify whether OSPF area capability transit is enabled for a specific routing process, enter the showipospf command.
Examples
The following example shows how to disable OSPF area capability transit on all areas for a router process named ospf 1. A showipospf command is issued first to display the current areas that have area capability transit enabled. The nocapabilitytransit command is then entered to disable OSPF area capability transit on all areas for the router process ospf 1.
Router# show ip ospf
Routing Process "ospf 1" with ID 10.1.1.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
!Supports area transit capability
It is an area border router
Initial SPF schedule delay 5000 msecs
Minimum hold time between two consecutive SPFs 10000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 8. Checksum Sum 0x02853F
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
!Number of areas transit capable is 1
External flood list length 0
Area BACKBONE(0)
Number of interfaces in this area is 3
Area has no authentication
SPF algorithm last executed 00:02:21.524 ago
SPF algorithm executed 11 times
Area ranges are
Number of LSA 49. Checksum Sum 0x19B5FA
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 38
Flood list length 0
Area 1
Number of interfaces in this area is 3
!This area has transit capability: Virtual Link Endpoint
Area has no authentication
SPF algorithm last executed 00:02:36.544 ago
SPF algorithm executed 9 times
Area ranges are
Number of LSA 42. Checksum Sum 0x1756D5
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Router(config)# router ospf 1
Router(router-config)# no capability transit
Related Commands
Command
Description
showipospf
Displays general information about OSPF routing processes.
capability vrf-lite
To suppress the provider edge (PE) specific checks on a router when the Open Shortest Path First (OSPF) process is associated with the VPN routing and forwarding instance (VRF), use the
capabilityvrf-lite command in router configuration mode. To restore the checks, use the
no form of this command.
capabilityvrf-lite
nocapabilityvrf-lite
Syntax Description
This command has no arguments or keywords.
Command Default
Disabled. PE specific checks are performed if the process is associated with VRF command modes.
Command Modes
Router configuration
Command History
Release
Modification
12.0(21)ST
This command was introduced.
12.0(22)S
This command was integrated into Cisco IOS Release 12.0(22)S.
12.2(8)B
This command was integrated into Cisco IOS Release 12.2(8)B.
12.2(13)T
This command was integrated into Cisco IOS Release 12.2(13)T.
12.2(14)S
This command was integrated into Cisco IOS Release 12.2(14)S.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
This command works only if the OSPF process is associated with the VRF.
When the OSPF process is associated with the VRF, several checks are performed when link-state advertisements (LSAs) are received. PE checks are needed to prevent loops when the PE is performing a mutual redistribution between OSPF and Border Gateway Protocol (BGP) interfaces.
The table below describes the PE checks performed when Type-3, Type-5, and Type-7 LSAs are received.
Table 1 PE Checks Performed
Type-3 LSA received
The DN bit is checked. If the DN bit is set, the Type-3 LSA is not considered during the shortest path first (SPF) calculation.
Type-5 or -7 LSA received
If the Tag in the LSA is equal to the VPN-tag, the Type-5 or-7 LSA is not considered during the SPF calculation.
In some situations, performing PE checks might not be desirable. The concept of VRFs can be used on a router that is not a PE router (that is, a router that is not running BGP). With the
capabilityvrf-lite command, the checks can be turned off to allow correct population of the VRF routing table with routes to IP prefixes.
Examples
This example shows a router configured with multi-VRF:
router ospf 100 vrf grc
capability vrf-lite
capability vrf-lite
(OSPFv3)
To suppress the
provider edge (PE)-specific checks on a router when the Open Shortest Path
First version 3 (OSPFv3) process is associated with the VPN routing and
forwarding (VRF) instance, use the
capabilityvrf-lite command in address family configuration
mode. To restore the checks, use the
no form of this
command.
capabilityvrf-lite
nocapabilityvrf-lite
Syntax Description
This command has no
arguments or keywords.
Command Default
Disabled.
PE-specific checks are performed if the process is associated with VRF command
modes.
Command Modes
Address family
configuration (config-router-af)#
Command History
Release
Modification
15.2(2)S
This
command was introduced.
Cisco IOS
XE Release 3.6S
This
command was integrated into Cisco IOS XE Release 3.6S.
15.1(1)SY
This
command was integrated into Cisco IOS Release 15.1(1)SY.
15.2(4)M
This
command was integrated into Cisco IOS Release 15.2(4)M.
15.2(1)E
This command was integrated into Cisco IOS Release
15.2(1)E.
Usage Guidelines
This command works
only if the OSPFv3 process is associated with the VRF.
When the OSPFv3
process is associated with the VRF, several checks are performed when
link-state advertisements (LSAs) are received. PE checks are needed to prevent
loops when the PE is performing a mutual redistribution between OSPF and Border
Gateway Protocol (BGP) interfaces.
The table below
describes the PE checks performed when inter-area-prefix LSAs, AS-External
LSAs, or not-so-stubby area (NSSA) LSAs are received.
Table 2 PE Checks Performed
LSA Received
Check
Inter-area-prefix LSAs, AS-External LSAs or NSSA LSAs received
The down bit
(DN) is checked. If the DN bit is set, the inter-area-prefix LSAs, AS-External
LSAs or NSSA LSAs is not considered during the SPF calculation.
Inter-Area-Prefix-LSAs LSA received from nonbackbone area
The OSPFv3 VRF
process acts as an Area Border Router (ABR) and the PE router does ABR-specific
checks. Most noticeably, the router does not consider during shortest path
first (SPF) calculation inter-area-prefix LSAs received from a nonbackbone
(nonzero) area. The
capabilityvrf-lite command disconnects the OSPFv3 process
from the Multiprotocol Label Switching (MPLS) VPN super-backbone and the router
loses ABR status (unless the OSPFv3 process is configured with active backbone
and nonbackbone areas).
Examples
The following
example shows a router in IPv6 address-family configuration mode reconfigured
with multi-VRF:
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
Use the pidargument to clear only one OSPFprocess. If the pidargumentis not specified,all OSPF processesare cleared.
Examples
The following example clears all OSPF processes:
Router# clear ip ospf process
clear ip ospf force-spf
To start the shortest path first (SPF) algorithm without clearing the Open Shortest Path First (OSPF) database, use the clearipospfforce-spf command in privileged EXEC mode.
clearipospf [process-id] force-spf
Syntax Description
process-id
(Optional) Process identifier (ID). The range is from 1 to 65535.
Command Modes
Privileged EXEC (#)
Command History
Release
Modification
15.0(1)M
This command was introduced.
12.2(33)SRE
The command was integrated into Cisco IOS Release 12.2(33)SRE.
12.2(33)XNE
The command was integrated into Cisco IOS Release 12.2(33)XNE.
Usage Guidelines
The clearipospfforce-spf command is used in troubleshooting and for testing purposes. This command is used to verify if the currently computed routes are correct, to generate debug messages, and so on.
Examples
The following example shows how to start the SPF algorithm without first clearing the OSPF database:
Router# clear ip ospf 1000 force-spf
Related Commands
Command
Description
clearipospfredistribution
Clears redistribution based on the OSPF routing process ID.
clear ip ospf traffic
To clear Open Shortest Path First (OSPF) traffic statistics, use the clearipospftraffic command in user EXEC or privileged EXEC mode.
(Optional) Process ID. If the process-id argument is included, only traffic statistics for the specified routing process are cleared.
interface-type
(Optional) Interface type.
interface-number
(Optional) interface number.
Command Modes
User EXEC
Privileged EXEC
Command History
Release
Modification
12.3(11)T
This command was introduced.
12.0(28)S
This command was integrated into Cisco IOS Release 12.0(28)S.
Examples
The following example clears OSPF traffic statistics for the OSPF process 100:
Router# clear ip ospf 100 traffic
Related Commands
Command
Description
showipospftrafficstatistics
Displays OSPF traffic statistics.
clear ipv6 ospf traffic
To reset counters and clear IPv6 OSPFv3 traffic statistics, use the
clearipv6ospftraffic command privileged EXEC mode.
clearipv6ospftraffic
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Release
Modification
12.4(6)T
This command was introduced.
12.2(31)SB2
This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.2(33)SRB
This command was integrated into Cisco IOS Release 12.2(33)SRB.
Examples
The following example resets the counters and clears the OSPFv3 traffics statistics:
Router# clear ipv6 ospf traffic
Related Commands
Command
Description
clearipospftraffic
Clears OSPFv2 traffic statistics.
showipospftraffic
Displays OSPFv2 traffic statistics.
showipv6ospftraffic
Displays OSPFv3 traffic statistics.
compatible rfc1583
To restore the method used to calculate summary route costs per RFC 1583, use the
compatiblerfc1583command in router configuration mode. To disable RFC 1583 compatibility, use the
no form of this command.
compatiblerfc1583
nocompatiblerfc1583
Syntax Description
This command has no arguments or keywords.
Command Default
Compatible with RFC 1583.
Command Modes
Router configuration
Command History
Release
Modification
12.1(2)T
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
This command is backward compatible with Cisco IOS Release 12.0.
To minimize the chance of routing loops, all Open Shortest Path First (OSPF) routers in an OSPF routing domain should have RFC compatibility set identically.
Because of the introduction of RFC 2328, OSPF Version 2, the method used to calculate summary route costs has changed. Use the no compatible rfc1583 command to enable the calculation method used per RFC 2328.
Examples
The following example specifies that the router process is compatible with RFC 1583:
router ospf 1
compatible rfc1583
!
compatible rfc1587
To replace RFC 3101 compatibility with RFC 1587 compatibility for route selection in not-so-stubby area (NSSA) Area Border Routers (ABRs), use the
compatiblerfc1587command in router configuration mode or address family configuration mode. To restore RFC 3101 compatibility, use the
no form of this command.
compatiblerfc1587
nocompatiblerfc1587
Syntax Description
This command has no arguments or keywords.
Command Default
Route selection is compatible with RFC 3101.
Command Modes
Router configuration (config-router)
Address family configuration (config-router-af)
Command History
Release
Modification
15.1(2)S
This command was introduced.
15.2(4)S
This command was modified. Support for OSPFv3 was added.
Cisco IOS XE Release 3.7S
This command was integrated into Cisco IOS XE Release 3.7S.
Usage Guidelines
In Cisco IOS Release 15.1(2)S and later releases, RFC 3101 replaces RFC 1587, and RFC 3101 behavior is automatically enabled. You can choose the route selection behavior by configuring a router to run as RFC 3101 or RFC 1587 compatible.
See Appendix F of RFC3101
The OSPF Not-So-Stubby Area (NSSA) Option for a detailed list of differences between RFC1587 and RFC3101.
Examples
The following example specifies that the router process is compatible with RFC 1587:
To configure the
BGP/MPLS VPN domain ID, use the
domain-id
command in address-family configuration mode. To restore the default value, use
the
no form of this
command.
domain-idtypetype-valuevaluehex-value
nodomain-idtypetype-valuevaluehex-value
Syntax Description
typetype-value
BGP
extended community used to carry the domain-id.
valuehex-value
An
arbitrary 48-bit number encoded as 12 hexadecimal digits.
Command Default
The default value
for the
domain-id
command is NULL.
Command Modes
address-family
configuration
Command History
Release
Modification
Cisco IOS
XE Release 3.6S
This
command was introduced.
15.2(4)S
This
command was integrated into Cisco IOS Release 15.2(4)S.
15.2(4)M
This
command was integrated into Cisco IOS Release 15.2(4)M.
15.1(1)SY
This command was integrated into Cisco IOS Release 15.1(1)SY
.
15.2(1)E
This command was integrated into Cisco IOS Release 15.2(1)E.
Usage Guidelines
The value of the
BGP extended community used to carry the domain-id can be one of 0005, 0105,
0205, or 8005. In OSPFv2, a default non-NULL domain-id is provided by using the
process-id of the router instance. In OSPFv3, the default value is NULL.
default-information originate (OSPF)
To generate a default external route into an Open Shortest Path First (OSPF) routing domain, use the
default-informationoriginate command in router configuration or router address family topology configuration mode. To disable this feature, use the
no form of this command.
(Optional) Always advertises the default route regardless of whether the software has a default route.
Note
The
always keyword includes the following exception when the route map is used. When a route map is used, the origination of the default route by OSPF is not bound to the existence of a default route in the routing table and the
always keyword is ignored.
metricmetric-value
(Optional) Metric used for generating the default route. If you omit a value and do not specify a value using the
default-metric router configuration command, the default metric value is 10. The value used is specific to the protocol.
metric-typetype-value
(Optional) External link type associated with the default route that is advertised into the OSPF routing domain. It can be one of the following values:
Type 1 external route.
Type 2 external route.
The default is type 2 external route.
route-mapmap-name
(Optional) The routing process will generate the default route if the route map is satisfied.
Command Default
This command is disabled by default. No default external route is generated into the OSPF routing domain.
Command Modes
Router configuration (config-router) Router address family topology configuration (config-router-af-topology)
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SRB
This command was made available in router address family topology configuration mode.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
Whenever you use the
redistribute or thedefault-information router configuration command to redistribute routes into an OSPF routing domain, the Cisco IOS software automatically becomes an Autonomous System Boundary Router (ASBR). However, an ASBR does not, by default, generate a default route into the OSPF routing domain. The software must still have a default route for itself before it generates one, except when you have specified the
always keyword.
When a route map is used, the origination of the default route by OSPF is not bound to the existence of a default route in the routing table.
Release 12.2(33)SRB
If you plan to configure the Multi-Topology Routing (MTR) feature, you need to enter the
default-informationoriginatecommand in router address family topology configuration mode in order for this OSPF router configuration command to become topology-aware.
Examples
The following example specifies a metric of 100 for the default route that is redistributed into the OSPF routing domain and specifies an external metric type of 1:
Accepts exterior or default information into Enhanced Interior Gateway Routing Protocol (EIGRP) processes.
default-metric
Sets default metric values for routes.
redistribute(IP)
Redistributes routes from one routing domain into another routing domain.
default-metric (OSPF)
To set default metric values for the Open Shortest Path First (OSPF) routing protocol,
use the default-metric command in router address family topology or router configuration mode. To r
eturn to the default state, use the no form of this command.
default-metricmetric-value
nodefault-metricmetric-value
Syntax Description
metric-value
Default metric value appropriate for the specified routing protocol.
Command Default
Built-in, automatic metric translations, as appropriate for each routing protocol. The metric of redistributed connected and static routes is set to 0.
Command Modes
Router address family topology configuration (config-router-af-topology)
Router configuration (config-router)
Command History
Release
Modification
10.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SRB
This command was made available in router address family topology configuration mode.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
T
he default-metric command is used in conjunction with the redistribute router configuration command to cause the current routing protocol to use the same metric value for all redistributed routes. A default metric helps solve the problem of redistributing routes with incompatible metrics. Whenever metrics do not convert, using a default metric provides a reasonable substitute and enables the redistribution to proceed.
Note
When enabled, thedefault-metric command applies a metric value of 0 to redistributed connected routes. The default-metric command does not override metric values that are applied with the redistribute command.
Release 12.2(33)SRB
If you plan to configure the Multi-Topology Routing (MTR) feature, you need to enter the default-metric command in router address family topology configuration mode in order for this OSPF router configuration command to become topology-aware.
Examples
The following example shows a router in autonomous system 109 using both the Routing Information Protocol (RIP) and the OSPF routing protocols. The example advertises OSPF-derived routes using RIP and assigns the OSPF-derived routes a RIP metric of 10.
Redistributes routes from one routing domain into another routing domain.
discard-route
To reinstall an external or internal discard route that was previously removed, use the discard-route command in router address family topology configuration or router configuration mode. To remove an external or internal discard route, use the no form of this command.
(Optional) Specifies the discard-route entry for redistributed summarized routes on an Autonomous System Boundary Router (ASBR).
internal
(Optional) Specifies the discard-route entry for summarized internal routes on the Area Border Router (ABR).
distance
(Optional) Administrative distance. A value between 1 and 254. The default administrative distance for external and internal discard routes is 254 and 110, respectively.
Command Default
External and internal discard-route entries are installed.
Command Modes
Router address family topology configuration (config-router-af-topology)
Router configuration (config-router)
Command History
Release
Modification
12.1(1)T
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SRB
This command was made available in router address family topology configuration mode.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
12.4(15)T
The distance argument was added.
12.2(33)SRC
The distance argument was integrated into Cisco IOS Release 12.2(33)SRC.
12.2(33)SB
This command was integrated into Cisco IOS Release 12.2(33)SB.
Usage Guidelines
External and internal discard-route entries are installed in routing tables by default. During route summarization, routing loops may occur when data is sent to a nonexisting network that appears to be a part of the summary, and the router that is performing the summarization has a less specific route (pointing back to the sending router) for this network in its routing table. To prevent the routing loop, a discard route entry is installed in the routing table of the ABR or ASBR.
If for any reason you do not want to use the external or internal discard route, remove the discard route by entering the nodiscard-route command with the external or internal keyword.
Release 12.2(33)SRB
If you plan to configure the Multi-Topology Routing (MTR) feature, you need to enter the discard-routecommand in router address family topology configuration mode in order for this OSPF router configuration command to become topology-aware.
Release 12.4(15)T
Prior to Cisco IOS Release 12.4(15)T, both external and internal discard routes were installed using the default OSPF intra-area administrative distance 110. You can now modify this default distance for discard routes by entering a new administrative distance for the distance argument of the discard-route command.
Examples
The following display shows the discard-route functionality installed by default. When external or internal routes are summarized, a summary route to Null0 will appear in the router output from the showiproute command. See the router output lines that refer to Null0:
Router# show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is variably subnetted, 3 subnets, 2 masks
C 172.16.0.128/25 is directly connected, Loopback1
O 172.16.0.0/24 is a summary, 00:00:14, Null0
C 172.16.0.0/25 is directly connected, Loopback0
172.31.0.0/24 is variably subnetted, 3 subnets, 2 masks
C 172.31.0.128/25 is directly connected, Loopback3
O 172.31.0.0/24 is a summary, 00:00:02, Null0
C 172.31.0.0/25 is directly connected, Loopback2
C 192.168.0.0/24 is directly connected, Ethernet0/0
Router# show ip route ospf
172.16.0.0/24 is variably subnetted, 3 subnets, 2 masks
O 172.16.0.0/24 is a summary, 00:00:29, Null0
172.16.0.0/24 is variably subnetted, 3 subnets, 2 masks
O 172.16.0.0/24 is a summary, 00:00:17, Null0
When the nodiscard-route command with the internal keyword is entered, notice the following route change, indicated by the router output lines that that refer to Null0:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# router ospf 1
Router(config-router)# no discard-route internal
Router(config-router)# end
Router# show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is variably subnetted, 3 subnets, 2 masks
C 172.16.0.128/25 is directly connected, Loopback1
C 172.16.0.0/25 is directly connected, Loopback0
172.31.0.0/24 is variably subnetted, 3 subnets, 2 masks
C 172.31.0.128/25 is directly connected, Loopback3
O 172.31.0.0/24 is a summary, 00:00:02, Null0
C 172.31.0.0/25 is directly connected, Loopback2
C 192.168.0.0/24 is directly connected, Ethernet0/0
Router# show ip route ospf
172.31.0.0/24 is variably subnetted, 3 subnets, 2 masks
O 172.16.0.0/24 is a summary, 00:04:14, Null0
Next, thenodiscard-route command with the external keyword is entered to remove the external discard route entry:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# router ospf 1
Router(config-router)# no discard-route external
Router(config-router)# end
The following router output from the show running-config command confirms that both the external and internal discard routes have been removed from the routing table of the router. See the router output lines that that refer to discard routes.
Router# show running-config
Building configuration...
Current configuration : 1114 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
.
.
.
router ospf 1
log-adjacency-changes
no discard-route external
no discard-route internal
area 1 range 172.16.0.0 255.255.255.0
summary-address 172.31.0.0 255.255.255.0
redistribute rip subnets
network 192.168.0.0 0.0.0.255 area 0
network 172.16.0.0 0.0.0.255 area 1
!
Related Commands
Command
Description
showiproute
Displays the current state of the routing table.
showrunning-config
Displays the contents of the currently running configuration file, the configuration for a specific interface, or map class information.
distance ospf
To define Open Shortest Path First (OSPF) route administrative distances based on route type, use the distanceospf command in router address family topology or router configuration mode. To restore the default value, use the no form of this command.
(Optional) Sets the distance for routes from other routing domains, learned by redistribution. Range is 1 to 255. The default value is 110.
inter-areadist2
(Optional) Sets the distance for all routes from one area to another area. Range is 1 to 255. The default value is 110.
intra-areadist3
(Optional) Sets the distance for all routes within an area. Range is 1 to 255. The default value is 110.
Command Default
dist1: 110
dist2: 110
dist3: 110
Command Modes
Router address family topology configuration (config-router-af-topology)
Router configuration (config-router)
Command History
Release
Modification
11.1(14)
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(33)SRB
This command was made available in router address family topology configuration mode.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
You must specify at least one of the keywords.
This command performs the same function as the distance command used with an access list. However, the distanceospfcommand allows you to set a distance for an entire group of routes, rather than a specific route that passes an access list.
A common reason to use the distanceospf command is when you have multiple OSPF processes with mutual redistribution, and you want to prefer internal routes from one over external routes from the other.
Release 12.2(33)SRB
If you plan to configure the Multi-Topology Routing (MTR) feature, you need to enter the distanceospfcommand in router address family topology configuration mode in order for this OSPF router configuration command to become topology-aware.
Examples
The following example changes the external distance to 200, making the route less reliable:
To define an administrative distance, use the
distance command in router configuration mode or VRF configuration mode. To remove the
distance command and restore the system to its default condition, use the
no form of this command.
distance weight
[ ip-address wildcard-mask
[ access-list name ] ]
no distanceweight ip-address wildcard-mask
[ access-list-name ]
Syntax Description
weight
Administrative distance. Range is 10 to 255. Used alone, the
weight argument specifies a default administrative distance that the software uses when no other specification exists for a routing information source. Routes with a distance of 255 are not installed in the routing table. The table in the “Usage Guidelines” section lists the default administrative distances.
ip-address
(Optional) IP address in four-part dotted-decimal notation.
wildcard-mask
(Optional) Wildcard mask in four-part, dotted-decimal format. A bit set to 1 in the
wildcard-mask argument instructs the software to ignore the corresponding bit in the address value.
access-list-name
(Optional) Name of an IP access list to be applied to incoming routing updates.
Command Default
If this command is not specified, the administrative distance is the default. The table in the “Usage Guidelines” section lists the default administrative distances.
Command Modes
Router configuration (config-router)
VRF configuration (config-vrf)
Command History
Release
Modification
2.0
This command was introduced
3.2
This command was modified. The
ip-address and
wildcard-mask arguments for the
no form of the command changed from optional to required.
3.3.0
This command was modified. It was added under the VRF configuration mode.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the appropriate task IDs. If the user group assignment is preventing you from using a command contact your AAA administrator for assistance.
An administrative distance is an integer from 10 to 255. In general, the higher the value, the lower the trust rating. An administrative distance of 255 means that the routing information source cannot be trusted at all and should be ignored. Weight values are subjective; no quantitative method exists for choosing weight values.
If an access list is used with this command, it is applied when a network is being inserted into the routing table. This behavior allows you to filter networks based on the IP prefix supplying the routing information. For example, you could filter possibly incorrect routing information from networking devices not under your administrative control.
The order in which you enter
distance commands can affect the assigned administrative distances, as shown in the “Examples” section. The following table lists default administrative distances.
Table 3 Default Administrative Distances
Rate Source
Default Distance
Connected interface
0
Static route out on interface
0
Static route to next hop
1
EIGRP summary route
5
External BGP
20
Internal EIGRP
90
OSPF
110
IS-IS
115
RIP version 1 and 2
120
External EIGRP
170
Internal BGP
200
Unknown
255
Task ID
Task ID
Operations
ospf
read, write
Examples
In the following example, the
router ospf command sets up Open Shortest Path First (OSPF) routing instance 1. The first
distance command sets the default administrative distance to 255, which instructs the software to ignore all routing updates from networking devices for which an explicit distance has not been set. The second
distance command sets the administrative distance for all devices on the network 192.168.40.0 to 90.
Allows the use of external, internal, and local administrative distances that could be a better route to a BGP node.
distance ospf
Allows the use of external, internal, and local administrative distances that could be a better route to an OSPF node.
router ospf
Configures the OSPF routing process.
domain-id (OSPF)
To change the OSPF domain ID that is used during the redistribution of BGP VPNv4 routes to OSPF, use the
domain-id command in router configuration mode. To restore the default value, use the
no form of this command.
(Optional) Specifies the secondary domain ID in IP address format.
null
No domain ID is associated with the process.
typetype-value
OSPF domain ID type in hexadecimal format.
valuehex-value
OSPF domain ID value in hexadecimal format.
secondary
(Optional) Specifies the secondary domain ID type in hexadecimal format.
Command Default
The default value for the
domain-id command is equal to the OSPF process ID.
Command Modes
Router configuration
Command History
Release
Modification
12.3(2)
This command was introduced.
Usage Guidelines
The domain ID is an 8-byte value that identifies the OSPF domain of the prefix. When the OSPF route is redistributed to the BGP VPNv4 route in the MPLS VPN context, the domain ID extended community is attached to the BGP update. The domain ID is used on the egress provider-edge (PE) router, when the BGP VPNv4 route is redistributed to OSPF to decide what type of link-state advertisement (LSA) to generate as a result of the redistribution of the BGP VPNv4 route.
Examples
The following example shows how to change the OSPF domain ID using the
domain-id command where the primary domain ID is a valid IP address and the secondary domain ID is a valid hexadecimal value:
Router(config)# router ospf 100 vrf abcd
Router(config-router)# domain-id 10.2.3.4
Router(config-router)# domain-id type 0005 value CAFECAFECAFE secondary
domain-id (OSPFv3)
To configure the
BGP/MPLS VPN domain ID, use the
domain-id
command in address-family configuration mode. To restore the default value, use
the
no form of this
command.
domain-idtypetype-valuevaluehex-value
nodomain-idtypetype-valuevaluehex-value
Syntax Description
typetype-value
BGP
extended community used to carry the domain-id.
valuehex-value
An
arbitrary 48-bit number encoded as 12 hexadecimal digits.
Command Default
The default value
for the
domain-id
command is NULL.
Command Modes
address-family
configuration
Command History
Release
Modification
Cisco IOS
XE Release 3.6S
This
command was introduced.
15.2(4)S
This
command was integrated into Cisco IOS Release 15.2(4)S.
15.2(4)M
This
command was integrated into Cisco IOS Release 15.2(4)M.
15.1(1)SY
This command was integrated into Cisco IOS Release 15.1(1)SY
.
15.2(1)E
This command was integrated into Cisco IOS Release 15.2(1)E.
Usage Guidelines
The value of the
BGP extended community used to carry the domain-id can be one of 0005, 0105,
0205, or 8005. In OSPFv2, a default non-NULL domain-id is provided by using the
process-id of the router instance. In OSPFv3, the default value is NULL.
domain-tag
To s
et the Open Shortest Path First (OSPF) domain tag value for Type-5 or Type-7 link-state advertisements (LSAs) when OSPF is used as a protocol between a provider edge (PE) router and customer edge (CE) router, use the domain-tag command in router configuration mode. To reinstate the default tag value, use the no form of this command.
domain-tagtag-value
nodomain-tagtag-value
Syntax Description
tag-value
Tag value. A 32-bit value entered in decimal format. The default value is calculated based on the Border Gateway Protocol (BGP) autonomous system number of the Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) backbone. The four highest bits are set to 1101 according to RFC 1745. The lowest 16 bits map the BGP autonomous system (AS) number of the MPLS VPN backbone. If a user specifies the tag-value, the value does not have to follow any particular format.
Command Default
The default value is calculated based on the BGP autonomous system number of the MPLS VPN backbone. The four highest bits are set to 1101 according to RFC 1745. The lowest 16 bits map the BGP autonomous system number of the MPLS VPN backbone.
Command Modes
Router configuration
Command History
Release
Modification
12.1(7)
This command was introduced.
12.1(7)E
This command was integrated into Cisco IOS Release 12.1(7)E.
12.1(7)EC
This command was integrated into Cisco IOS Release 12.1(7)EC.
12.0(17)ST
This command was integrated into Cisco IOS Release 12.0(17)ST.
12.2(2)B
This command was integrated into Cisco IOS Release 12.2(4)B.
12.2(14)S
This command was integrated into Cisco IOS Release 12.2(14)S.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
When OSPF is used between a PE router and a CE router, BGP routes that come from the MPLS backbone are redistributed to OSPF. These redistributed routes can be announced in Type-3, Type-5, or Type-7 LSAs. If the redistribution of the BGP routes results in Type-5 or Type-7 LSAs, the External Route Tag will be set to the value of the tag. If another PE router receives a Type-5 or Type-7 LSA with an External Route Tag equal to the set tag value, it will ignore the LSA, therefore preventing the redistributed routes that originated from the MPLS backbone from returning via some other location on the MPLS backbone.
Examples
The following example configures the tag value 777:
Theshowipospfdatabase command is entered to verify that the tag value 777 has been applied to the External Route Tag:
Router# show ospf database external 192.168.50.1
OSPF Router with ID (192.168.239.66) (Process ID 10)
Type-5 AS External Link States
LS age: 18
Options: (No TOS-capability, DC)
S Type: AS External Link
Link State ID: 192.168.238.1 (External Network Number )
Advertising Router: 192.168.239.66
LS Seq Number: 80000002
Checksum: 0xDAB0
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 777
.
.
.
OSPF Router with ID (198.168.237.56) (Process ID 1)
Related Commands
Command
Description
showospfdatabase
Displays lists of information related to the OSPF database for a specific router.
fast-reroute keep-all-paths
To create a list of all the candidate repair paths considered when a per-prefix loop-free alternate (LFA) Fast Reroute (FRR) route is computed, use the
fast-reroutekeep-all-paths command in router configuration mode. To disable prefix priority, use the
no form of this command.
fast-reroutekeep-all-paths
nofast-reroutekeep-all-paths
Syntax Description
This command has no arguments or keywords.
Command Default
A list of candidate repair paths is not created.
Command Modes
Router configuration (config-router)#
Command History
Release
Modification
15.1(3)S
This command was introduced.
Cisco IOS XE Release 3.4S
This command was integrated into Cisco IOS XE Release 3.4S.
Usage Guidelines
You can use the
fast-reroutekeep-all-paths command to display all the candidate repair paths that are considered when an LFA FRR repair path is computed. You can use this list to troubleshoot repair paths without having to enable debugs, but it greatly increases memory consumption so it should be reserved for testing.
Examples
The following example shows how to create a list of all the candidate LFA FRR repair paths considered:
Displays debugging information for per-prefix LFA FRR paths.
fast-rerouteper-prefixenable(OSPF)
Configures a per-prefix LFA FRR path that redirects traffic to an alternative next hop other than the primary neighbor.
fast-reroutetie-break(OSPF)
Configures the tiebreaking policy in selecting an LFA FRR repair path.
ipospffast-rerouteper-prefix
Configures an interface as either protecting or protected.
prefix-priority
Configures a set of prefixes to have high priority for protection in an OSPF local RIB.
showipospffast-reroute
Displays information about prefixes protected by LFA FRR repair paths.
showipospfinterface
Displays OSPF interface information.
showipospfneighbor
Displays OSPF neighbor information on a per-interface basis.
showipospfrib
Displays information for the OSPF local RIB or locally redistributed routes.
fast-reroute per-prefix enable (OSPF)
To configure a per-prefix loop-free alternate (LFA) Fast Reroute (FRR) path that redirects traffic to an alternative next hop other than the primary neighbor, use the
fast-rerouteper-prefixenable command in router configuration mode. To disable prefix priority, use the
no form of this command.
fast-rerouteper-prefixenable
[ areaarea-id ]
prefix-priority
{ high | low }
nofast-rerouteper-prefixenable
[ areaarea-id ]
prefix-priority
{ high | low }
Syntax Description
area
(Optional) Specifies an area in which to enable LFA FRR.
area-id
OSPF area ID expressed as a decimal value or in IP address format.
prefix-priority
Specifies the priority of prefixes to be protected.
high
Sets the prefix priority to high.
low
Sets the prefix priority to low.
Command Default
LFA is enabled.
Command Modes
Router configuration (config-router)#
Command History
Release
Modification
15.1(3)S
This command was introduced.
Cisco IOS XE Release 3.4S
This command was integrated into Cisco IOS XE Release 3.4S.
Examples
The command in the following example configures an LFA and specifies the prefix priority for protection:
Displays debugging information for per-prefix LFA FRR paths.
fast-reroutekeep-all-paths
Creates a list of all the candidate repair paths that were considered when a per-prefix LFA FRR route was computed.
fast-reroutetie-break(OSPF)
Configures the FRR tiebreaking priority.
ipospffast-rerouteper-prefix
Configures an interface as either protecting or protected.
prefix-priority
Configures a set of prefixes to have high priority for protection in an OSPF local RIB.
showipospffast-reroute
Displays information about prefixes protected by LFA FRR repair paths.
showipospfinterface
Displays OSPF interface information.
showipospfneighbor
Displays OSPF neighbor information on a per-interface basis.
showipospfrib
Displays information for the OSPF local RIB or locally redistributed routes.
fast-reroute per-prefix remote-lfa maximum-cost
To configure the maximum distance to the tunnel endpoint in a per-prefix loop-free alternate (LFA) fast reroute (FRR) path that redirects traffic to a remote LFA, use the
fast-reroute per-prefix remote-lfa maximum-cost command in router configuration mode. To disable the configuration, use the
no form of this command.
no fast-rerouteper-prefixremote-lfa
[ areaarea-id ]
maximum-costdistance
Syntax Description
area
(Optional) Specifies an area in which to enable LFA FRR.
area-id
(Optional) OSPF area ID expressed as a decimal value or in IP address format.
distance
Specifies the value of the maximum distance to the tunnel endpoint.
Command Default
The maximum distance to the remote LFA is not enabled.
Command Modes
Router configuration (config-router)
Command History
Release
Modification
15.2(2)S
This command was introduced.
Usage Guidelines
Use this command to limit routers to which remote LFA can create an automatic tunnel to the vicinity of the calculating router.
Examples
The following example shows how to set a maximum cost of 30 in area 2:
Router(config-router)# fast-reroute per-prefix remote-lfa area 2 maximum-cost 30
Related Commands
Command
Description
fast-reroute per-prefix remote-id tunnel
Configures a per-prefix LFA FRR path that redirects traffic to a remote LFA tunnel.
show ip ospf fast-reroute remote-lfa tunnels
Displays a list of tunnel interfaces created by the FRR manager on behalf of OSPF.
fast-reroute per-prefix remote-lfa tunnel
To configure a per-prefix loop-free alternate (LFA) fast reroute (FRR) path that redirects traffic to a remote LFA tunnel, use the
fast-reroute per-prefix remote-lfa tunnel command in router configuration mode. To disable remote LFA, use the
no form of this command.
no fast-rerouteper-prefixremote-lfa
[ areaarea-id ]
tunnelmpls-ldp
Syntax Description
area
(Optional) Specifies an area in which to enable LFA FRR.
area-id
(Optional) OSPF area ID expressed as a decimal value or in IP address format.
mpls-ldp
Enables remote LFA tunneling via Multiprotocol Label Switching (MPLS)-Label Distribution Protocol (LDP).
Command Default
A remote LFA is not enabled.
Command Modes
Router configuration (config-router)#
Command History
Release
Modification
15.2(2)S
This command was introduced.
Usage Guidelines
Use this command to enable the remote LFA feature and to configure the type of an automatically created tunnel.
Examples
The following example shows how to configure a remote per-prefix LFA FRR in area 2. The remote tunnel type is specified as MPLS-LDP:
Router(config-router)# fast-reroute per-prefix remote-lfa area 2 tunnel mpls-ldp
Related Commands
Command
Description
fast-reroute per-prefix remote-lfa maximum-cost
Configures the maximum distance to the tunnel endpoint.
show ip ospf fast-reroute remote-lfa tunnels
Displays a list of tunnel interfaces created by the FRR manager on behalf of OSPF.
fast-reroute tie-break (OSPF)
To configure the tiebreaking policy in selecting in a loop-free alternate (LFA) Fast Reroute (FRR) repair path, use the
fast-reroutetie-break command in router configuration mode. To disable the configuration, use the
no form of this command.
Configures LFAs whose metric to the protected destination is lower than the metric of the protecting node to the destination.
interface-disjoint
Configures the interface protection attribute.
linecard-disjoint
Configures the linecard protection attribute.
node-protecting
Configures the node-protecting repair path attribute.
primary-path
Configures the equal-cost multipath attribute.
secondary-path
Configures the not-equal-cost multipath attribute.
srlg
Configures the shared risk link group (SRLG) attribute.
required
(Optional) Specifies that the tiebreaker is required.
index
Specifies the tiebreak attribute priority.
attribute-priority
The tiebreak attribute priority number. Valid values are from 1 to 255.
lowest-metric
(Configures the lowest metric repair path attribute.
Command Default
If you do not configure a tiebreaker policy, repair path attributes are assigned in the following priority order:
SRLG
Primary path
Interface disjoint
Lowest metric
Line-card disjoint
Node protecting
Broadcast-interface disjoint
Command Modes
Router configuration (config-router)#
Command History
Release
Modification
15.1(3)S
This command was introduced.
Cisco IOS XE Release 3.4S
This command was integrated into Cisco IOS XE Release 3.4S.
Usage Guidelines
You must configure the
routerospf command before you can configure the
fast-reroutetie-break command. You can use the
showipospffast-reroute command to display the default, or the current, tiebreak configuration.
The tiebreaker policy is evaluated in the configured or the default order. If the evaluation does not select any candidate, the repair path is selected by implicit load balancing. This means that repair path selection varies depending on the prefix.
The
primary-path and
secondary-path keywords configure the same attribute: configuring one automatically deletes the other from the tiebreaker policy.
You can configure the
required keyword for all attributes except lowest metric. To be selected as the LFA repair path, a candidate must have all the tiebreaker attributes that are configured as “required.”
Examples
The commands in the following example configures a tiebreaking policy that prioritizes SRLG as a required tiebreaker and sets the priority index for it and for the lower-priority tiebreaking attributes:
Router(config-router)# fast-reroute tie-breaksrlg required index10
Router(config-router)# fast-reroute tie-breaklinecard-disjoint index 15
Router(config-router)# fast-reroute tie-break downstream index 20
Related Commands
Command
Description
debugipospffast-reroute
Displays debugging information for per-prefix LFA FRR paths.
fast-reroutekeep-all-paths
Creates a list of all the candidate repair paths that were considered when a per-prefix LFA FRR route was computed.
fast-rerouteper-prefixenable(OSPF)
Configures a per-prefix loop-free alternative (LFA) route that redirects traffic to an alternative next hop other than the primary neighbor.
ipospffast-rerouteper-prefix
Configures an interface as either protecting or protected.
prefix-priority
Configures a set of prefixes to have high priority for protection in an OSPF local RIB.
routerospf
Configures an OSPF routing process.
showipospffast-reroute
Displays information about prefixes protected by LFA FRR repair paths.
showipospfinterface
Displays OSPF interface information.
showipospfneighbor
Displays OSPF neighbor information on a per-interface basis.
showipospfrib
Displays information for the OSPF local RIB or locally redistributed routes.
ignore lsa mospf
To suppress the sending of syslog messages when the router receives link-state advertisement (LSA) Type 6 Multicast OSPF (
MOSPF) packets, which are unsupported, use the ignorelsamospfcommand in router configuration mode. To restore the sending of syslog messages, use the noform of this command.
ignorelsamospfcommandignorelsamospf
noignorelsamospf
Syntax Description
This command has no arguments or keywords.
Command Default
This command is disabled by default. Each MOSPF packet causes the router to send a syslog message.
Command Modes
Router configuration
Command History
Release
Modification
11.1
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
Cisco routers do not support LSA Type 6 MOSPF packets, and they generate syslog messages if they receive such packets. If the router is receiving many MOSPF packets, you might want to configure the router to ignore the packets and thus prevent a large number of syslog messages.
Examples
The following example configures the router to suppress the sending of syslog messages when it receives MOSPF packets:
router ospf 109
ignore lsa mospf
interface-id snmp-if-index
To configure Open Shortest Path First (OSPF) interfaces with Simple Network Management Protocol (SNMP) MIB-II interface Index (ifIndex) identification numbers, use the interface-idsnmp-if-indexcommand in router configuration mode. To revert to the original interface numbering, use the no form of this command.
interface-idsnmp-if-index
nointerface-idsnmp-if-index
Syntax Description
This command has no arguments or keywords.
Command Default
SNMP MIB-II ifIndex numbering for interfaces is disabled.
Command Modes
Router configuration
Command History
Release
Modification
12.4(6)T
This command was introduced.
12.2(31)SB2
This command was integrated into Cisco IOS Release 12.2(31)SB2.
12.2(33)SRB
This command was integrated into Cisco IOS Release 12.2(33)SRB.
Cisco IOS XE Release 2.6
This command was integrated into Cisco IOS XE Release 2.6
Usage Guidelines
The advantage to using SNMP MIB-II ifIndex numbers to identify OSPF interfaces is that the ifIndex number corresponds to the number that a user will see reported by SNMP. Using the SNMP MIB-II ifIndex is also suggested, but not required, by RFC 2328 for OSPFv2 and by RFC 2740 for OSPFv3.
If you want to use the SNMP MIB-II ifIndex numbers, all interfaces that have OSPF enabled must have an SNMP ifIndex number assigned or else OSPF will not be enabled on those interfaces.
Note
A user may choose not to configure SNMP MIB-II ifIndex numbers in order to maintain consistent behavior across upgrades and among routers that may not have the functionality offered with Cisco IOS Release 12.4(6)T and later releases.
Examples
The following example configures the OSPF interfaces to use SNMP MIB-II ifIndex ID numbers. The output from the showsnmpmibifmibifindex command verifies the configuration.
Router> enable
Router# configure terminal
Router(config)# router ospf 1
Router(config-router)# interface-id snmp-if-index
Router(config-router)# end
Router# show snmp mib ifmib ifindex serial13/0
Serial13/0: Ifindex = 53
Router# show ip ospf 1 1 data router self-originate
OSPF Router with ID (192.168.3.1) (Process ID 1)
Router Link States (Area 1)
LS age: 66
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 192.168.3.1
Advertising Router: 192.168.3.1
LS Seq Number: 80000003
Checksum: 0xE38F
Length: 36
Number of Links: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 192.168.3.7
(Link Data) Router Interface address: 0.0.0.49
Number of MTID metrics: 0
TOS 0 Metrics: 64
Related Commands
Command
Description
showsnmpmibifmibifindex
Displays SNMP interface index identification numbers (ifIndex values) for all the system interfaces or the specified system interface.
ip ospf area
To enable Open
Shortest Path First version 2 (OSPFv2) on an interface, use the
ipospfarea command in interface configuration mode. To
disable OSPFv2 on the interface, use the
no form of this
command.
ipospfprocess-idareaarea-id
[ secondariesnone ]
noipospfprocess-idarea
[ secondariesnone ]
Syntax Description
process-id
A decimal
value in the range from 1 to 65535 that identifies the process ID.
area-id
A decimal
value in the range from 0 to 4294967295, or an IP address.
secondariesnone
(Optional) Prevents secondary IP addresses on the interface from being
advertised.
Command Default
If the
secondariesnonekeywords are entered in the
no form of this
command, the secondary IP addresses will be advertised. If the
secondariesnonekeywords are not present, OSPFv2 will be
disabled.
This
command was integrated into Cisco IOS Release 12.3(11)T.
12.2(1)SB
This
command was integrated into Cisco IOS Release 12.2(1)SB.
12.2(33)SRB
This
command was integrated into Cisco IOS Release 12.2(33)SRB.
Cisco
IOS XE Release 3.2S
This
command was modified. Support was added for this command in virtual network
interface configuration mode.
15.2(2)SNI
This
command was implemented on the Cisco ASR 901 Series Aggregation Services
Routers.
15.2(1)E
This command was integrated into Cisco IOS Release 15.2(1)E.
Usage Guidelines
OSPF is enabled
on an interface when the network address for the interface matches the range of
addresses that is specified by thenetworkarea command that is entered in router
configuration mode. You can enable OSPFv2 explicitly on an interface with the
ipospfarea command that is entered in interface
configuration mode. This capability simplifies the configuration of unnumbered
interfaces with different areas.
Theipospfareacommand that is entered in interface
configuration mode will supersede the effects of the
networkareacommand. Therefore, an interface that is
configured with the
ipospfarea command in interface configuration mode will
not be affected by the
networkareacommand.
Note
If you later
disable the
ipospfarea command, the interface will still run OSPFv2
as long as its network address matches the range of addresses that is specified
by the
networkareacommand.
Examples
The following
example enables OSPFv2 on Ethernet interface 0/0/2 and prevents secondary IP
addresses from being advertised:
Router(config)# interface Ethernet0/0/2
Router(config-if)# ip ospf 10 area 0 secondaries none
Related Commands
Command
Description
interface
Configures an interface type and enters interface configuration mode.
networkarea
Defines
the interfaces on which OSPF runs and defines the area ID for those interfaces.
showipospfinterface
Displays OSPF-related interface information.
ip ospf authentication
To specify the authentication type for an interface, use the
ipospfauthentication command in interface or virtual network interface configuration mode. To remove the authentication for an interface, use the
no form of this command.
ipospfauthentication
[ key-chain name | message-digest | null ]
noipospfauthentication
Syntax Description
key-chainname
(Optional) Specifies key chain name for cryptographic authentication keys.
message-digest
(Optional) Specifies that message-digest authentication is used.
null
(Optional) Specifies that no authentication is used. Use this keyword to override password or message-digest authentication if the keyword is configured for an area.
Command Default
The authentication type for an interface is not configured.
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Cisco IOS XE Release 3.2S
This command was integrated into Cisco IOS XE Release 3.2S. Support was added for this command in virtual network interface configuration mode.
15.2(2)SNI
This command was implemented on the Cisco ASR 901 Series Aggregation Services Routers.
Cisco IOS XE Release 3.10S
This command was modified. The key-chain keyword and name argument were added.
Usage Guidelines
Before using the
ipospfauthenticationkey-chaincommand, for the key to be operational, configure a password for the interface using the
ipospfauthentication-key command. If you use the
ipospfauthenticationmessage-digestcommand, configure the message-digest key for the interface using the
ipospfmessage-digest-key command.
Before using the
ipospfauthenticationkey-chain command for cryptographic authentication on an interface, define a key chain, a key ID, and a key string, and configure the key with the cryptographic algorithm.
If the authentication type is not specified for an interface, the authentication type for the area is used (the area default is null authentication).
Examples
The following example shows how to enable message-digest authentication:
Device> enable
Device# configure terminal
Device(config)# interface GigabitEthernet0/0/0
Device (config-if)# ip ospf authentication message-digest
Device (config-if)# end
Examples
The following example shows how to enable cryptographic authentication:
Device> enable
Device# configure terminal
Device(config)# interface GigabitEthernet0/0/0
Device (config-if)# ip ospf authentication key-chain samplekeychain
Device (config-if)# end
Related Commands
Command
Description
areaauthentication
Enables authentication for an OSPF area.
ipospfauthentication-key
Assigns a password to be used by neighboring routers that are using the simple password authentication of OSPF.
ipospfmessage-digest-key
Enables OSPF MD5 authentication.
ip ospf authentication-key
To assign a password to be used by neighboring routers that are using the Open Shortest Path First (OSPF) simple password authentication, use the
ipospfauthentication-key command in interface configuration mode. To remove a previously assigned OSPF password, use the no form of this command.
ipospfauthentication-keypassword
noipospfauthentication-key
Syntax Description
password
Any continuous string of characters that can be entered from the keyboard up to 8 bytes in length.
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Cisco IOS XE Release 3.2S
This command was modified. Support was added for this command in virtual network interface configuration mode.
Usage Guidelines
The password created by this command is used as a “key” that is inserted directly into the OSPF header when the Cisco IOS software originates routing protocol packets. A separate password can be assigned to each network on a per-interface basis. All neighboring routers on the same network must have the same password to be able to exchange OSPF information.
Note
The Cisco IOS software will use this key only when authentication is enabled for an area with the
areaauthentication router configuration command.
Examples
The following example enables the authentication key with the string yourpass:
ip ospf authentication-key yourpass
Related Commands
Command
Description
areaauthentication
Enables authentication for an OSPF area.
ipospfauthentication
Specifies authentication type for an interface.
ip ospf bfd
To enable Bidirectional Forwarding Detection (BFD) on a specific interface configured for Open Shortest Path First (OSPF), use the ipospfbfdcommand in interface configuration mode. To disable BFD on the OSPF interface, use the disable keyword. To remove the ospfbfd command, use the no form of this command.
ipospfbfd [disable]
noipospfbfd
Syntax Description
disable
(Optional) Disables BFD for OSPF on a specified interface.
Command Default
When the disable keyword is not used, the default behavior is to enable BFD support for OSPF on the interface.
This command was integrated into Cisco IOS Release 12.0(31)S.
12.4(4)T
This command was integrated into Cisco IOS Release 12.4(4)T.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
Cisco IOS XE Release 3.2S
This command was modified. Support was added for this command in virtual network interface configuration mode.
15.1(2)SNG
This command was implemented on the Cisco ASR 901 Series Aggregation Services Routers.
Usage Guidelines
Enter the ipospfbfd command to configure an OSPF interface to use BFD for failure detection. If you have used the bfd-allinterfaces command in router configuration mode to globally configure all OSPF interfaces for an OSPF process to use BFD, you can enter the ipospfbfd command in interface configuration mode with the disable keyword to disable BFD for a specific OSPF interface.
Examples
In the following example, the interface associated with OSPF, Fast Ethernet interface 3/0, is configured for BFD:
Router> enable
Router# configure terminal
Router(config)# interface fastethernet 3/0
Router(config-if)# ip ospf bfd
Router(config-if)# end
Related Commands
Command
Description
bfdall-interfaces
Enables BFD for all interfaces for a BFD peer.
ip ospf cost
To explicitly specify the cost of sending a packet on an interface, use the
ipospfcost command in interface configuration mode. To reset the path cost to the default value, use the
no form of this command.
ipospfcostinterface-cost
noipospfcostinterface-cost
Syntax Description
interface-cost
Unsigned integer value expressed as the link-state metric. It can be a value in the range from 1 to 65535.
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Cisco IOS XE Release 3.2S
This command was modified. Support was added for this command in virtual network interface configuration mode.
Usage Guidelines
You can set the metric manually using this command, if you need to change the default. Using the
bandwidth command changes the link cost as long as this command is not used.
The link-state metric is advertised as the link cost in the router link advertisement. We do not support type of service (ToS), so you can assign only one cost per interface.
In general, the path cost is calculated using the following formula:
108 / bandwidth
Using this formula, the default path costs were calculated as noted in the following list. If these values do not suit your network, you can use your own method of calculating path costs.
56-kbps serial link--Default cost is 1785
64-kbps serial link--Default cost is 1562
T1 (1.544-Mbps serial link)--Default cost is 64
E1 (2.048-Mbps serial link)--Default cost is 48
4-Mbps Token Ring--Default cost is 25
Ethernet--Default cost is 10
16-Mbps Token Ring--Default cost is 6
FDDI--Default cost is 1
X25--Default cost is 5208
Asynchronous--Default cost is 10,000
ATM-- Default cost is 1
Examples
The following example sets the interface cost value to 65:
ip ospf cost 65
ip ospf database-filter all out
To filter outgoing link-state advertisements (LSAs) to an Open Shortest Path First (OSPF) interface, use the
ipospfdatabase-filterallout command in interface or virtual network interface configuration modes. To restore the forwarding of LSAs to the interface, use the
noform of this command.
ipospfdatabase-filterallout [disable]
noipospfdatabase-filterallout
Syntax Description
disable
(Optional) Disables the filtering of outgoing LSAs to an OSPF interface; all outgoing LSAs are flooded to the interface.
Note
This keyword is available only in virtual network interface mode.
Command Default
This command is disabled by default. All outgoing LSAs are flooded to the interface.
Command Modes
Interface configuration (config-if)
Virtual network interface (config-if-vnet)
Command History
Release
Modification
12.0
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Cisco IOS XE Release 3.2S
This command was modified. The
disable keyword was added. Support was added for this command in virtual network interface configuration mode.
15.0(1)SY
This command was modified. The
disable keyword was added. Support was added for this command in virtual network interface configuration mode.
15.1(1)SG
This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG
This command was integrated into Cisco IOS XE Release 3.3SG.
15.3(2)T
This command was integrated into Cisco IOS Release 15.3(2)T.
Usage Guidelines
This command performs the same function that the
neighbordatabase-filter command performs on a neighbor basis.
If theipospfdatabase-filterallout command is enabled for a virtual network and you want to disable it, use the
disable keyword in virtual network interface configuration mode.
Examples
The following example prevents filtering of OSPF LSAs to broadcast, nonbroadcast, or point-to-point networks reachable through Ethernet interface 0:
interface ethernet 0
ip ospf database-filter all out
Related Commands
Command
Description
neighbordatabase-filter
Filters outgoing LSAs to an OSPF neighbor.
ip ospf dead-interval
To set the interval during which at least one hello packet must be received from a neighbor before the router declares that neighbor down, use the ipospfdead-interval command in interface configuration mode. To restore the default value, use the no form of this command.
Interval (in seconds) during which the router must receive at least one hello packet from a neighbor or else that neighbor is removed from the peer list and does not participate in routing. The range is 1 to 65535. The value must be the same for all nodes on the network.
minimal
Sets the dead interval to 1 second. Using this keyword requires that the hello-multiplierkeyword and multiplier argument are also configured.
hello-multipliermultiplier
Integer value in the range from 3 to 20, representing the number of hello packets sent during 1 second.
Command Default
seconds: Four times the interval set by the ipospfhello-interval command.
The minimal keyword, hello-multiplier keyword and multiplier argument were added to allow Open Shortest Path First (OSPF) support for fast hello packets.
12.2(27)SBC
This command was integrated into Cisco IOS Release 12.2(27)SBC.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Cisco IOS XE Release 3.2S
This command was modified. Support was added for this command in virtual network interface configuration mode.
Usage Guidelines
The dead interval is advertised in OSPF hello packets. This value must be the same for all networking devices on a specific network.
Specifying a smaller dead interval (seconds) will give faster detection of a neighbor being down and improve convergence, but might cause more routing instability.
OSPF Support for Fast Hello Packets
By specifying the minimal and hello-multiplier keywords with a multiplier argument, you are enabling
OSPF fast hello packets. The minimalkeyword sets the dead interval to 1 second, and the hello-multiplier value sets the number of hello packets sent during that 1 second, thus providing subsecond or “fast” hello packets.
When fast hello packets are configured on the interface, the hello interval advertised in the hello packets that are sent out this interface is set to 0. The hello interval in the hello packets received over this interface is ignored.
The dead interval must be consistent on a segment, whether it is set to 1 second (for fast hello packets) or set to any other value. The hello multiplier need not be the same for the entire segment as long as at least one hello packet is sent within the dead interval.
Use the showipospfinterface command to verify the dead interval and fast hello interval.
Examples
The following example sets the OSPF dead interval to 20 seconds:
interface ethernet 1
ip ospf dead-interval 20
The following example configures OSPF fast hello packets; the dead interval is 1 second and there are five hello packets sent every second:
interface ethernet 1
ip ospf dead-interval minimal hello-multiplier 5
Related Commands
Command
Description
ipospfhello-interval
Interval between hello packets that the Cisco IOS software sends on the interface.
showipospfinterface
Displays OSPF-related information.
ip ospf demand-circuit
To configure Open Shortest Path First (OSPF) to treat the interface as an OSPF demand circuit, use the
ipospfdemand-circuit command in interface configuration mode or virtual network interface configuration mode. To remove the OSPF demand circuit functionality from the interface, use the
no form of this command.
ipospfdemand-circuit [disable] [ignore]
noipospfdemand-circuit
Syntax Description
disable
(Optional) Disables OSPF from treating the interface as an OSPF demand circuit.
Note
This keyword is available only in virtual network interface mode.
ignore
(Optional) Ignores requests from other routers to operate the link in demand-circuit mode.
Command Default
The circuit is not an OSPF demand circuit.
Command Modes
Interface configuration (config-if)
Virtual network interface (config-if-vnet)
Command History
Release
Modification
11.2
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Cisco IOS XE Release 3.2S
This command was modified. The
disable and
ignore keywords were added. Support was added for this command in virtual network interface configuration mode.
15.1(4)M
This command was integrated into Cisco IOS Release15.1(4)M.
15.0(1)SY
This command was modified. The
disable and
ignore keywords were added. Support was added for this command in virtual network interface configuration mode.
15.1(1)SG
This command was integrated into Cisco IOS Release 15.1(1)SG.
Cisco IOS XE Release 3.3SG
This command was integrated into Cisco IOSXE Release 3.3SG.
15.3(2)T
This command was integrated into Cisco IOS Release 15.3(2)T.
Usage Guidelines
On point-to-point interfaces, only one end of the demand circuit must be configured with the
ipospfdemand-circuit command. Periodic hello messages are suppressed and periodic refreshes of link-state advertisements (LSAs) do not flood the demand circuit. This command allows the underlying data-link layer to be closed when the topology is stable. In point-to-multipoint topology, only the multipoint end must be configured with this command.
If theipospfdemand-circuit command is enabled for a virtual network and you want to disable it, use the
disable keyword in virtual network interface configuration mode.
Examples
The following example shows how to configure an OSPF demand circuit for an ISDN on-demand circuit: