Saturday, April 20, 2013

Configuring OSPF timers / OSPF, propagating a default route


Configuring OSPF timers
2.3.5

This page will explain how the hello and dead intervals are configured on an OSPF network.
OSPF routers must have the same hello intervals and the same dead intervals to exchange information. By default, the dead interval is four times the value of the hello interval. This means that a router has four chances to send a hello packet before being declared dead.
On broadcast OSPF networks, the default hello interval is 10 seconds and the default dead interval is 40 seconds. On nonbroadcast networks, the default hello interval is 30 seconds and the default dead interval is 120 seconds. These default values result in efficient OSPF operation and seldom need to be modified.
A network administrator is allowed to choose these timer values. A justification that OSPF network performance will be improved is needed prior to changing the timers. These timers must be configured to match those of any neighboring router.
To configure the hello and dead intervals on an interface, use the following commands:
Router(config-if)#ip ospf hello-interval seconds
Router(config-if)#ip ospf dead-interval seconds
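The matching rule above can be checked against the Hello packet itself. The following Python sketch is an added example, not part of the original course text: it applies the defaults stated above, builds a constructed OSPFv2 Hello (field layout per RFC 2328, checksum left at 0) and reports which timers would stop an adjacency from forming. The function names and the R1/R2 scenario are assumptions made for illustration.

```python
import struct


def effective_timers(hello=None, dead=None, broadcast=True):
    """Defaults described above: hello 10 s (broadcast) or 30 s (nonbroadcast),
    dead interval = 4 x hello unless it is set explicitly."""
    if hello is None:
        hello = 10 if broadcast else 30
    if dead is None:
        dead = 4 * hello
    return hello, dead


def build_hello(hello, dead, router_id):
    """Constructed OSPFv2 Hello: 24-byte header + 20-byte body, no neighbors."""
    header = struct.pack("!BBHIIHHQ", 2, 1, 44, router_id, 0, 0, 0, 0)
    body = struct.pack("!IHBBIII", 0xFFFFFF00, hello, 0x02, 1, dead, 0, 0)
    return header + body


def parse_hello_timers(packet):
    """Return (HelloInterval, RouterDeadInterval) carried in a Hello packet."""
    if len(packet) < 44 or packet[0] != 2 or packet[1] != 1:
        raise ValueError("not an OSPFv2 Hello packet")
    # Body starts after the header: mask, HelloInterval, options, priority,
    # RouterDeadInterval.
    _mask, hello, _opts, _prio, dead = struct.unpack("!IHBBI", packet[24:36])
    return hello, dead


def timer_mismatches(local, packet):
    """List the timers in a received Hello that differ from the local interface."""
    hello, dead = parse_hello_timers(packet)
    problems = []
    if hello != local[0]:
        problems.append(f"hello-interval: local {local[0]}s, neighbor {hello}s")
    if dead != local[1]:
        problems.append(f"dead-interval: local {local[1]}s, neighbor {dead}s")
    return problems


# Constructed scenario: R1 keeps the broadcast defaults; R2 was given
# "ip ospf hello-interval 5" and no explicit dead interval.
R1 = effective_timers()
R2 = effective_timers(hello=5)
HELLO_FROM_R2 = build_hello(*R2, router_id=0x02020202)

if __name__ == "__main__":
    print(timer_mismatches(R1, HELLO_FROM_R2))
```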



OSPF, propagating a default route
2.3.6
This page will teach students how to configure a default route for an OSPF router.
OSPF routing ensures loop-free paths to every network in the domain. To reach networks outside the domain, either OSPF must know about the network or OSPF must have a default route. To have an entry for every network in the world would require enormous resources for each router.
A practical alternative is to add a default route to the OSPF router connected to the outside network. This route can be redistributed to each router in the AS through normal OSPF updates.
A configured default route is used by a router to generate a gateway of last resort. The static default route configuration syntax uses the network 0.0.0.0 address and a subnet mask 0.0.0.0:
Router(config)#ip route 0.0.0.0 0.0.0.0 [interface | next-hop address ]
This is referred to as the quad-zero route. It matches any network address under the following rule: the network gateway is determined by ANDing the packet destination with the subnet mask.
The following configuration statement will propagate this route to all the routers in a normal OSPF area:
Router(config-router)#default-information originate
All routers in the OSPF area will learn a default route provided that the interface of the border router to the default gateway is active.
The Lab Activities will help students configure an OSPF network and then set up a default route.
The next page will discuss some important considerations for OSPF routers. 

Modifying OSPF cost metric / Configuring OSPF authentication


Modifying OSPF cost metric
2.3.3

This page will teach students how to modify cost values on network interfaces.
OSPF uses cost as the metric for determining the best route. A cost is associated with the output side of each router interface. Costs are also associated with externally derived routing data. In general, the path cost is calculated using the formula 10^8 / bandwidth, where bandwidth is expressed in bps. The system administrator can also configure cost by other methods. The lower the cost, the more likely the interface is to be used to forward data traffic. The Cisco IOS automatically determines cost based on the bandwidth of the interface. It is essential for proper OSPF operation that the correct interface bandwidth is set.
Router(config)#interface serial 0/0
Router(config-if)#bandwidth 56
Cost can be changed to influence the outcome of the OSPF cost calculation. A common situation requiring a cost change is in a multi-vendor routing environment. A cost change would ensure that one vendor’s cost value would match another vendor’s cost value. Another situation is when Gigabit Ethernet is being used. The default cost assigns the lowest cost value of 1 to a 100 Mbps link. In a 100-Mbps and Gigabit Ethernet situation, the default cost values could cause routing to take a less desirable path unless they are adjusted. The cost number can be between 1 and 65,535.
Use the following interface configuration command to set the link cost:
Router(config-if)#ip ospf cost number
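The Gigabit Ethernet case described above can be worked through with a small shortest-path calculation. This Python sketch is an added example, not part of the original course text: it assumes the computed cost is truncated to an integer and never drops below 1 (consistent with the 1 to 65,535 range above), treats each link cost as the same in both directions, and uses a constructed three-router topology with a manual cost of 10 as the override.

```python
import heapq


def default_cost(bandwidth_bps):
    """Formula from the text, 10^8 / bandwidth; truncated, never below 1."""
    return max(1, 10**8 // bandwidth_bps)


def build_links(topology, overrides=None):
    """topology: (a, b, bandwidth_bps) tuples.
    overrides: {(a, b): cost}, standing in for "ip ospf cost" on that link."""
    overrides = overrides or {}
    return [(a, b, overrides.get((a, b), default_cost(bw)))
            for a, b, bw in topology]


def shortest_path(links, src, dst):
    """Dijkstra over link costs; returns (total_cost, path) or None."""
    graph = {}
    for a, b, cost in links:
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    heap, seen = [(0, src, [src])], set()
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return cost, path
        if node in seen:
            continue
        seen.add(node)
        for nxt, link_cost in graph.get(node, []):
            if nxt not in seen:
                heapq.heappush(heap, (cost + link_cost, nxt, path + [nxt]))
    return None


# Constructed topology: one direct 100 Mbps link, or two Gigabit hops via R2.
TOPOLOGY = [
    ("R1", "R4", 100_000_000),
    ("R1", "R2", 1_000_000_000),
    ("R2", "R4", 1_000_000_000),
]
# Default costs: both link speeds get cost 1, so the 100 Mbps link wins.
DEFAULT = shortest_path(build_links(TOPOLOGY), "R1", "R4")
# Manual cost 10 on the 100 Mbps link moves traffic to the Gigabit path.
TUNED = shortest_path(build_links(TOPOLOGY, {("R1", "R4"): 10}), "R1", "R4")

if __name__ == "__main__":
    print(default_cost(56_000), DEFAULT, TUNED)
```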
The Lab Activities will show students how to modify the OSPF cost metric of an interface.
The next page will explain how OSPF authentication is configured.


Configuring OSPF authentication
2.3.4 


This page will explain why OSPF authentication keys are used and how they are configured.
By default, a router trusts that routing information is coming from a router that should be sending the information. A router also trusts that the information has not been tampered with along the route.
To guarantee this trust, routers in a specific area can be configured to authenticate each other.
Each OSPF interface can present an authentication key for use by routers sending OSPF information to other routers on the segment. The authentication key, known as a password, is a shared secret between the routers. This key is used to generate the authentication data in the OSPF packet header. The password can be up to eight characters. Use the following command syntax to configure OSPF authentication:
Router(config-if)#ip ospf authentication-key password
After the password is configured, authentication must be enabled:
Router(config-router)#area area-number authentication
With simple authentication, the password is sent as plain text. This means that it can be easily decoded if a packet sniffer captures an OSPF packet.
It is recommended that authentication information be encrypted. To send encrypted authentication information and to ensure greater security, the message-digest keyword is used. The MD5 keyword specifies the type of message-digest hashing algorithm to use, and the encryption type field refers to the type of encryption, where 0 means none and 7 means proprietary.
Use the interface configuration command mode syntax:
Router(config-if)#ip ospf message-digest-key key-id md5 encryption-type key
The key-id is an identifier and takes the value in the range of 1 through 255. The key is an alphanumeric password up to sixteen characters. Neighbor routers must use the same key identifier with the same key value.
The following is configured in router configuration mode:
Router(config-router)#area area-id authentication message-digest
MD5 authentication creates a message digest. A message digest is scrambled data that is based on the password and the packet contents. The receiving router uses the shared password and the packet to re-calculate the digest. If the digests match, the router believes that the source and contents of the packet have not been tampered with. The authentication type identifies which authentication, if any, is being used. In the case of message-digest authentication, the authentication data field contains the key-id and the length of the message digest that is appended to the packet. The message digest is like a watermark that cannot be counterfeited.
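The digest calculation described above, shown for both the sending and the receiving router. This Python sketch is an added example, not part of the original course text: it follows the OSPFv2 cryptographic authentication layout in RFC 2328 Appendix D (digest = MD5 over the packet followed by the key zero-padded to 16 bytes), and it also includes the RFC's sequence-number check, which the text above does not cover. The function names, key and packet contents are constructed for illustration.

```python
import hashlib
import hmac
import struct

HDR = "!BBHIIHHHBBI"  # 24-byte OSPFv2 header, cryptographic auth field layout
MD5_LEN = 16          # digest length, carried in the Auth Data Len field


def pad_key(key):
    """The key is at most sixteen bytes and is zero-padded to sixteen."""
    if len(key) > 16:
        raise ValueError("key longer than 16 bytes")
    return key.ljust(16, b"\x00")


def build_packet(body, router_id, key_id, key, seq, pkt_type=1, area_id=0):
    """Sender: header (checksum 0, AuType 2) + body, then append the digest."""
    length = 24 + len(body)  # the appended digest is not counted here
    header = struct.pack(HDR, 2, pkt_type, length, router_id, area_id,
                         0, 2, 0, key_id, MD5_LEN, seq)
    packet = header + body
    return packet + hashlib.md5(packet + pad_key(key)).digest()


def verify_packet(wire, keys, last_seq):
    """Receiver: recompute the digest with the key configured for the key-id."""
    if len(wire) < 24 + MD5_LEN:
        return "too short"
    fields = struct.unpack(HDR, wire[:24])
    length, autype, key_id, auth_len, seq = (fields[2], fields[6], fields[8],
                                             fields[9], fields[10])
    if autype != 2 or auth_len != MD5_LEN or len(wire) != length + MD5_LEN:
        return "bad auth fields"
    if key_id not in keys:
        return "unknown key-id"
    if seq < last_seq:
        return "replayed sequence number"
    expected = hashlib.md5(wire[:length] + pad_key(keys[key_id])).digest()
    if not hmac.compare_digest(expected, wire[length:]):
        return "digest mismatch"
    return "ok"


# Constructed sample: a Hello body (mask, hello 10 s, options, priority,
# dead 40 s, no DR/BDR) sent with key-id 1 and a made-up shared key.
HELLO_BODY = struct.pack("!IHBBIII", 0xFFFFFF00, 10, 0x02, 1, 40, 0, 0)
KEYS = {1: b"constructed-key"}
WIRE = build_packet(HELLO_BODY, 0x01010101, 1, KEYS[1], seq=1000)

if __name__ == "__main__":
    print(verify_packet(WIRE, KEYS, last_seq=999))
```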
The Lab Activities will require students to set up an IP address scheme for an OSPF area. Students will then configure OSPF authentication for the area.
The next page will teach students how to configure OSPF timers.