Configure OSPFv3 Interfaces, Authentication, and Neighbors

You can change certain interface-specific OSPFv3 parameters, if necessary. You are not required to change any of these parameters, but the following interface parameters must be consistent across all routers in an attached network: the hello interval and the dead interval. If you configure any of these parameters, be sure that the configurations for all routers on your network have compatible values.

Procedure


Step 1

Choose Devices > Device Management, and edit the threat defense device.

Step 2

Select Routing > OSPFv3.

Step 3

Select Interface > Add.

You can click Edit to edit, or use the right-click menu to cut, copy, paste, insert, and delete areas.

Step 4

Configure the following interface options for each OSPFv3 process:

  • Interface—The interface you are configuring.

  • Enable OSPFv3—Enables OSPFv3.

  • OSPF Process—Choose 1 or 2.

  • Area—The area ID for this process.

  • Instance—Specifies the area instance ID to be assigned to the interface. An interface can have only one OSPFv3 area. You can use the same area on multiple interfaces, and each interface can use a different area instance ID.

Step 5

Select Properties, and configure the following options for each OSPFv3 process:

  • Filter Outgoing Link Status Advertisements—Filters outgoing LSAs to an OSPFv3 interface. All outgoing LSAs are flooded to the interface by default.

  • Disable MTU mismatch detection—Disables the OSPF MTU mismatch detection when DBD packets are received. OSPF MTU mismatch detection is enabled by default.

  • Flood Reduction—Changes normal LSAs into Do Not Age LSAs, so that they don't get flooded every 3600 seconds across areas.

    OSPF LSAs are refreshed every 3600 seconds. In large OSPF networks, this can lead to large amounts of unnecessary LSA flooding from area to area.

  • Point-to-Point Network—Lets you transmit OSPF routes over VPN tunnels. When an interface is configured as point-to-point, non-broadcast, the following restrictions apply:

    • You can define only one neighbor for the interface.

    • You need to manually configure the neighbor.

    • You need to define a static route pointing to the crypto endpoint.

    • If OSPF over a tunnel is running on the interface, regular OSPF with an upstream router cannot be run on the same interface.

    • You should bind the crypto map to the interface before specifying the OSPF neighbor to ensure that the OSPF updates are passed through the VPN tunnel. If you bind the crypto map to the interface after specifying the OSPF neighbor, use the clear local-host all command to clear OSPF connections so that the OSPF adjacencies can be established over the VPN tunnel.

  • Broadcast—Specifies that the interface is a broadcast interface. By default, this check box is checked for Ethernet interfaces. Uncheck this check box to designate the interface as a point-to-point, nonbroadcast interface. Specifying an interface as point-to-point, nonbroadcast lets you transmit OSPF routes over VPN tunnels.

  • Cost—Specifies the cost of sending a packet on the interface. Valid values for this setting range from 0 to 255. The default value is 1. Entering 0 for this setting makes the router ineligible to become the designated router or backup designated router. This setting does not apply to interfaces that are configured as point-to-point, nonbroadcast interfaces.

    When two routers connect to a network, both attempt to become the designated router. The device with the higher router priority becomes the designated router. If there is a tie, the router with the higher router ID becomes the designated router.

  • Priority—Determines the designated router for a network. Valid values range from 0 to 255.

  • Dead Interval—Time period in seconds for which hello packets must not be seen before neighbors indicate that the router is down. The value must be the same for all nodes on the network and can range from 1 to 65535.

  • Hello Interval—Time period in seconds between OSPF packets that the router will send before adjacency is established with a neighbor. Once the routing device detects an active neighbor, the hello packet interval changes from the time specified in the poll interval to the time specified in the hello interval. Valid values range from 1 to 65535 seconds.

  • Retransmit Interval—Time in seconds between LSA retransmissions for adjacencies that belong to the interface. The time must be greater than the expected round-trip delay between any two routers on the attached network. Valid values range from 1 to 65535 seconds. The default is 5 seconds.

  • Transmit Delay—Estimated time in seconds to send a link-state update packet on the interface. Valid values range from 1 to 65535 seconds. The default is 1 second.

  • Enable BFD—Allows you to enable BFD on this interface.

Step 6

Click OK to save the properties configuration.

Step 7

Select Authentication, and configure the following options for each OSPFv3 process:

  • Type—Type of authentication. The available options are Area, Interface, and None. The None option indicates that no authentication is used.

  • Security Parameters Index—A number from 256 to 4294967295. Configure this if you chose Interface as the type.

  • Authentication—Type of authentication algorithm. Supported values are SHA-1 and MD5. Configure this if you chose Interface as the type.

  • Authentication Key—When MD5 authentication is used, the key must be 32 hexadecimal digits (16 bytes) long. When SHA-1 authentication is used, the key must be 40 hexadecimal digits (20 bytes) long.

  • Encrypt Authentication Key—Enables encryption of the authentication key.

  • Include Encryption—Enables encryption.

  • Encryption Algorithm—Type of encryption algorithm. Supported value is DES. The NULL entry indicates no encryption. Configure this if you chose Include Encryption.

  • Encryption Key—Enter the encryption key. Configure this if you chose Include Encryption.

  • Encrypt Key—Enables the key to be encrypted.

Step 8

Click OK to save the authentication configuration.

Step 9

Select Neighbor, click Add, and configure the following options for each OSPFv3 process:

  • Link Local Address—The IPv6 address of the static neighbor.

  • Cost—Enables cost. Enter the cost in the Cost field, and check the Filter Outgoing Link State Advertisements check box if you want to advertise.

  • (Optional) Poll Interval—Enables the poll interval. Enter the Priority level and the Poll Interval in seconds.

Step 10

Click Add to add the neighbor.

Step 11

Click OK to save the Interface configuration.
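
The following is an added example, not part of the original procedure or of any Cisco tooling: a pre-deployment check that generates an authentication key of the required length and validates planned settings for every router on a segment against the limits listed in Steps 5 and 7. The dictionary field names and router names are assumptions made for this sketch, and the requirement that neighbors share the same SPI, algorithm, and key goes beyond what this page states (it follows from OSPFv3 IPsec using manual keying per RFC 4552).

```python
import secrets
import string

# Limits taken from the option descriptions on this page.
KEY_HEX_DIGITS = {"MD5": 32, "SHA-1": 40}
SPI_RANGE = (256, 4294967295)
INTERVAL_RANGE = (1, 65535)


def new_auth_key(algorithm):
    """Return a random hex key of the length required for the algorithm."""
    return secrets.token_hex(KEY_HEX_DIGITS[algorithm] // 2)


def check_interface(name, cfg):
    """Return a list of problems in one router's planned interface settings."""
    problems = []
    lo, hi = INTERVAL_RANGE
    for field in ("hello_interval", "dead_interval"):
        if not lo <= cfg[field] <= hi:
            problems.append(f"{name}: {field} {cfg[field]} outside {lo}-{hi}")
    auth = cfg.get("auth_type", "None")
    if auth == "None":
        problems.append(f"{name}: authentication type None, no authentication is used")
    elif auth == "Interface":
        lo, hi = SPI_RANGE
        if not lo <= cfg["spi"] <= hi:
            problems.append(f"{name}: SPI {cfg['spi']} outside {lo}-{hi}")
        want = KEY_HEX_DIGITS.get(cfg["algorithm"])
        if want is None:
            problems.append(f"{name}: unsupported algorithm {cfg['algorithm']}")
        elif len(cfg["key"]) != want or not set(cfg["key"]) <= set(string.hexdigits):
            problems.append(f"{name}: {cfg['algorithm']} key must be {want} hex digits")
    return problems


def check_network(routers):
    """Check each router, then require shared parameters to match network-wide."""
    problems = [p for name, cfg in routers.items() for p in check_interface(name, cfg)]
    # Hello/dead must match (this page); SPI, algorithm, key must match (assumption, RFC 4552).
    for field in ("hello_interval", "dead_interval", "spi", "algorithm", "key"):
        if len({cfg.get(field) for cfg in routers.values()}) > 1:
            problems.append(f"network: {field} differs between routers")
    return problems


if __name__ == "__main__":  # constructed sample values
    r1 = {"hello_interval": 10, "dead_interval": 40, "auth_type": "Interface",
          "spi": 1000, "algorithm": "SHA-1", "key": new_auth_key("SHA-1")}
    print(check_network({"r1": r1, "r2": dict(r1, dead_interval=30)}))
```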