7 :abbr:`OSPF (Open Shortest Path First)` version 2 is a routing protocol which
8 is described in :rfc:`2328`. OSPF is an :abbr:`IGP (Interior Gateway
9 Protocol)`. Compared with :abbr:`RIP`, :abbr:`OSPF` can provide scalable
10 network support and faster convergence times. OSPF is widely used in large
11 networks such as :abbr:`ISP (Internet Service Provider)` backbone and
14 .. include:: ospf_fundamentals.rst
16 .. _configuring-ospfd:
21 *ospfd* accepts all :ref:`common-invocation-options`.
23 .. option:: -n, --instance
25 Specify the instance number for this invocation of *ospfd*.
27 .. option:: -a, --apiserver
29 Enable the OSPF API server
31 *ospfd* must acquire interface information from *zebra* in order to function.
32 Therefore *zebra* must be running before invoking *ospfd*. Also, if *zebra* is
33 restarted then *ospfd* must be too.
35 Like other daemons, *ospfd* configuration is done in :abbr:`OSPF` specific
36 configuration file :file:`ospfd.conf` when the integrated config is not used.
38 .. _ospf-multi-instance:
40 Multi-instance Support
41 ----------------------
43 OSPF supports multiple instances. Each instance is identified by a positive
44 nonzero integer that must be provided when adding configuration items specific
45 to that instance. Enabling instances is done with :file:`/etc/frr/daemons` in
55 The ``ospfd_instances`` variable controls which instances are started and what
56 their IDs are. In this example, after starting FRR you should see the following
61 # ps -ef | grep "ospfd"
62 frr 11816 1 0 17:30 ? 00:00:00 /usr/lib/frr/ospfd --daemon -A 127.0.0.1 -n 1
63 frr 11822 1 0 17:30 ? 00:00:00 /usr/lib/frr/ospfd --daemon -A 127.0.0.1 -n 2
64 frr 11828 1 0 17:30 ? 00:00:00 /usr/lib/frr/ospfd --daemon -A 127.0.0.1 -n 3
67 The instance number should be specified in the config when addressing a particular instance:
73 area 0.0.0.0 authentication message-digest
81 To start OSPF process you have to specify the OSPF router.
83 .. index:: router ospf [(1-65535)] vrf NAME
84 .. clicmd:: router ospf [(1-65535)] vrf NAME
86 .. index:: no router ospf [(1-65535)] vrf NAME
87 .. clicmd:: no router ospf [(1-65535)] vrf NAME
89 Enable or disable the OSPF process.
91 .. index:: ospf router-id A.B.C.D
92 .. clicmd:: ospf router-id A.B.C.D
94 .. index:: no ospf router-id [A.B.C.D]
95 .. clicmd:: no ospf router-id [A.B.C.D]
97 This sets the router-ID of the OSPF process. The router-ID may be an IP
98 address of the router, but need not be - it can be any arbitrary 32bit
99 number. However it MUST be unique within the entire OSPF domain to the OSPF
100 speaker - bad things will happen if multiple OSPF speakers are configured
101 with the same router-ID! If one is not specified then *ospfd* will obtain a
102 router-ID automatically from *zebra*.
104 .. index:: ospf abr-type TYPE
105 .. clicmd:: ospf abr-type TYPE
107 .. index:: no ospf abr-type TYPE
108 .. clicmd:: no ospf abr-type TYPE
110 `type` can be cisco|ibm|shortcut|standard. The "Cisco" and "IBM" types
113 The OSPF standard for ABR behaviour does not allow an ABR to consider
114 routes through non-backbone areas when its links to the backbone are
115 down, even when there are other ABRs in attached non-backbone areas
116 which still can reach the backbone - this restriction exists primarily
117 to ensure routing-loops are avoided.
119 With the "Cisco" or "IBM" ABR type, the default in this release of FRR, this
120 restriction is lifted, allowing an ABR to consider summaries learned from
121 other ABRs through non-backbone areas, and hence route via non-backbone
122 areas as a last resort when, and only when, backbone links are down.
124 Note that areas with fully-adjacent virtual-links are considered to be
125 "transit capable" and can always be used to route backbone traffic, and
126 hence are unaffected by this setting (:clicmd:`area A.B.C.D virtual-link A.B.C.D`).
128 More information regarding the behaviour controlled by this command can
129 be found in :rfc:`3509`, and :t:`draft-ietf-ospf-shortcut-abr-02.txt`.
131 Quote: "Though the definition of the :abbr:`ABR (Area Border Router)`
132 in the OSPF specification does not require a router with multiple
133 attached areas to have a backbone connection, it is actually
134 necessary to provide successful routing to the inter-area and
135 external destinations. If this requirement is not met, all traffic
136 destined for the areas not connected to such an ABR or out of the
137 OSPF domain, is dropped. This document describes alternative ABR
138 behaviors implemented in Cisco and IBM routers."
140 .. index:: ospf rfc1583compatibility
141 .. clicmd:: ospf rfc1583compatibility
143 .. index:: no ospf rfc1583compatibility
144 .. clicmd:: no ospf rfc1583compatibility
146 :rfc:`2328`, the successor to :rfc:`1583`, suggests according
147 to section G.2 (changes) in section 16.4 a change to the path
148 preference algorithm that prevents possible routing loops that were
149 possible in the old version of OSPFv2. More specifically it demands
150 that inter-area paths and intra-area backbone path are now of equal preference
151 but still both preferred to external paths.
153 This command should NOT be set normally.
155 .. index:: log-adjacency-changes [detail]
156 .. clicmd:: log-adjacency-changes [detail]
158 .. index:: no log-adjacency-changes [detail]
159 .. clicmd:: no log-adjacency-changes [detail]
161 Configures ospfd to log changes in adjacency. With the optional
162 detail argument, all changes in adjacency status are shown. Without detail,
163 only changes to full or regressions are shown.
165 .. index:: passive-interface INTERFACE
166 .. clicmd:: passive-interface INTERFACE
168 .. index:: no passive-interface INTERFACE
169 .. clicmd:: no passive-interface INTERFACE
171 Do not speak OSPF interface on the
172 given interface, but do advertise the interface as a stub link in the
173 router-:abbr:`LSA (Link State Advertisement)` for this router. This
174 allows one to advertise addresses on such connected interfaces without
175 having to originate AS-External/Type-5 LSAs (which have global flooding
176 scope) - as would occur if connected addresses were redistributed into
177 OSPF (:ref:`redistribute-routes-to-ospf`). This is the only way to
178 advertise non-OSPF links into stub areas.
180 .. index:: timers throttle spf DELAY INITIAL-HOLDTIME MAX-HOLDTIME
181 .. clicmd:: timers throttle spf DELAY INITIAL-HOLDTIME MAX-HOLDTIME
183 .. index:: no timers throttle spf
184 .. clicmd:: no timers throttle spf
186 This command sets the initial `delay`, the `initial-holdtime`
187 and the `maximum-holdtime` between when SPF is calculated and the
188 event which triggered the calculation. The times are specified in
189 milliseconds and must be in the range of 0 to 600000 milliseconds.
191 The `delay` specifies the minimum amount of time to delay SPF
192 calculation (hence it affects how long SPF calculation is delayed after
193 an event which occurs outside of the holdtime of any previous SPF
194 calculation, and also serves as a minimum holdtime).
196 Consecutive SPF calculations will always be separated by at least
197 'hold-time' milliseconds. The hold-time is adaptive and initially is
198 set to the `initial-holdtime` configured with the above command.
199 Events which occur within the holdtime of the previous SPF calculation
200 will cause the holdtime to be increased by `initial-holdtime`, bounded
201 by the `maximum-holdtime` configured with this command. If the adaptive
202 hold-time elapses without any SPF-triggering event occurring then
203 the current holdtime is reset to the `initial-holdtime`. The current
204 holdtime can be viewed with :clicmd:`show ip ospf`, where it is expressed as
205 a multiplier of the `initial-holdtime`.
210 timers throttle spf 200 400 10000
213 In this example, the `delay` is set to 200ms, the initial holdtime is set to
214 400ms and the `maximum holdtime` to 10s. Hence there will always be at least
215 200ms between an event which requires SPF calculation and the actual SPF
216 calculation. Further consecutive SPF calculations will always be separated
217 by between 400ms to 10s, the hold-time increasing by 400ms each time an
218 SPF-triggering event occurs within the hold-time of the previous SPF
221 This command supercedes the *timers spf* command in previous FRR
224 .. index:: max-metric router-lsa [on-startup|on-shutdown] (5-86400)
225 .. clicmd:: max-metric router-lsa [on-startup|on-shutdown] (5-86400)
227 .. index:: max-metric router-lsa administrative
228 .. clicmd:: max-metric router-lsa administrative
230 .. index:: no max-metric router-lsa [on-startup|on-shutdown|administrative]
231 .. clicmd:: no max-metric router-lsa [on-startup|on-shutdown|administrative]
233 This enables :rfc:`3137` support, where the OSPF process describes its
234 transit links in its router-LSA as having infinite distance so that other
235 routers will avoid calculating transit paths through the router while still
236 being able to reach networks through the router.
238 This support may be enabled administratively (and indefinitely) or
239 conditionally. Conditional enabling of max-metric router-lsas can be for a
240 period of seconds after startup and/or for a period of seconds prior to
243 Enabling this for a period after startup allows OSPF to converge fully first
244 without affecting any existing routes used by other routers, while still
245 allowing any connected stub links and/or redistributed routes to be
246 reachable. Enabling this for a period of time in advance of shutdown allows
247 the router to gracefully excuse itself from the OSPF domain.
249 Enabling this feature administratively allows for administrative
250 intervention for whatever reason, for an indefinite period of time. Note
251 that if the configuration is written to file, this administrative form of
252 the stub-router command will also be written to file. If *ospfd* is
253 restarted later, the command will then take effect until manually
256 Configured state of this feature as well as current status, such as the
257 number of second remaining till on-startup or on-shutdown ends, can be
258 viewed with the :clicmd:`show ip ospf` command.
260 .. index:: auto-cost reference-bandwidth (1-4294967)
261 .. clicmd:: auto-cost reference-bandwidth (1-4294967)
263 .. index:: no auto-cost reference-bandwidth
264 .. clicmd:: no auto-cost reference-bandwidth
266 This sets the reference
267 bandwidth for cost calculations, where this bandwidth is considered
268 equivalent to an OSPF cost of 1, specified in Mbits/s. The default is
269 100Mbit/s (i.e. a link of bandwidth 100Mbit/s or higher will have a
270 cost of 1. Cost of lower bandwidth links will be scaled with reference
273 This configuration setting MUST be consistent across all routers within the
276 .. index:: network A.B.C.D/M area A.B.C.D
277 .. clicmd:: network A.B.C.D/M area A.B.C.D
279 .. index:: network A.B.C.D/M area (0-4294967295)
280 .. clicmd:: network A.B.C.D/M area (0-4294967295)
282 .. index:: no network A.B.C.D/M area A.B.C.D
283 .. clicmd:: no network A.B.C.D/M area A.B.C.D
285 .. index:: no network A.B.C.D/M area (0-4294967295)
286 .. clicmd:: no network A.B.C.D/M area (0-4294967295)
288 This command specifies the OSPF enabled interface(s). If the interface has
289 an address from range 192.168.1.0/24 then the command below enables ospf
290 on this interface so router can provide network information to the other
291 ospf routers via this interface.
296 network 192.168.1.0/24 area 0.0.0.0
298 Prefix length in interface must be equal or bigger (i.e. smaller network) than
299 prefix length in network statement. For example statement above doesn't enable
300 ospf on interface with address 192.168.1.1/23, but it does on interface with
301 address 192.168.1.129/25.
303 Note that the behavior when there is a peer address
304 defined on an interface changed after release 0.99.7.
305 Currently, if a peer prefix has been configured,
306 then we test whether the prefix in the network command contains
307 the destination prefix. Otherwise, we test whether the network command prefix
308 contains the local address prefix of the interface.
310 In some cases it may be more convenient to enable OSPF on a per
311 interface/subnet basis (:clicmd:`ip ospf area AREA [ADDR]`).
319 .. index:: area A.B.C.D range A.B.C.D/M
320 .. clicmd:: area A.B.C.D range A.B.C.D/M
322 .. index:: area (0-4294967295) range A.B.C.D/M
323 .. clicmd:: area (0-4294967295) range A.B.C.D/M
325 .. index:: no area A.B.C.D range A.B.C.D/M
326 .. clicmd:: no area A.B.C.D range A.B.C.D/M
328 .. index:: no area (0-4294967295) range A.B.C.D/M
329 .. clicmd:: no area (0-4294967295) range A.B.C.D/M
331 Summarize intra area paths from specified area into one Type-3 summary-LSA
332 announced to other areas. This command can be used only in ABR and ONLY
333 router-LSAs (Type-1) and network-LSAs (Type-2) (i.e. LSAs with scope area) can
334 be summarized. Type-5 AS-external-LSAs can't be summarized - their scope is AS.
335 Summarizing Type-7 AS-external-LSAs isn't supported yet by FRR.
340 network 192.168.1.0/24 area 0.0.0.0
341 network 10.0.0.0/8 area 0.0.0.10
342 area 0.0.0.10 range 10.0.0.0/8
345 With configuration above one Type-3 Summary-LSA with routing info 10.0.0.0/8 is
346 announced into backbone area if area 0.0.0.10 contains at least one intra-area
347 network (i.e. described with router or network LSA) from this range.
349 .. index:: area A.B.C.D range IPV4_PREFIX not-advertise
350 .. clicmd:: area A.B.C.D range IPV4_PREFIX not-advertise
352 .. index:: no area A.B.C.D range IPV4_PREFIX not-advertise
353 .. clicmd:: no area A.B.C.D range IPV4_PREFIX not-advertise
355 Instead of summarizing intra area paths filter them - i.e. intra area paths from this
356 range are not advertised into other areas.
357 This command makes sense in ABR only.
359 .. index:: area A.B.C.D range IPV4_PREFIX substitute IPV4_PREFIX
360 .. clicmd:: area A.B.C.D range IPV4_PREFIX substitute IPV4_PREFIX
362 .. index:: no area A.B.C.D range IPV4_PREFIX substitute IPV4_PREFIX
363 .. clicmd:: no area A.B.C.D range IPV4_PREFIX substitute IPV4_PREFIX
365 Substitute summarized prefix with another prefix.
370 network 192.168.1.0/24 area 0.0.0.0
371 network 10.0.0.0/8 area 0.0.0.10
372 area 0.0.0.10 range 10.0.0.0/8 substitute 11.0.0.0/8
375 One Type-3 summary-LSA with routing info 11.0.0.0/8 is announced into backbone area if
376 area 0.0.0.10 contains at least one intra-area network (i.e. described with router-LSA or
377 network-LSA) from range 10.0.0.0/8.
378 This command makes sense in ABR only.
380 .. index:: area A.B.C.D virtual-link A.B.C.D
381 .. clicmd:: area A.B.C.D virtual-link A.B.C.D
383 .. index:: area (0-4294967295) virtual-link A.B.C.D
384 .. clicmd:: area (0-4294967295) virtual-link A.B.C.D
386 .. index:: no area A.B.C.D virtual-link A.B.C.D
387 .. clicmd:: no area A.B.C.D virtual-link A.B.C.D
389 .. index:: no area (0-4294967295) virtual-link A.B.C.D
390 .. clicmd:: no area (0-4294967295) virtual-link A.B.C.D
392 .. index:: area A.B.C.D shortcut
393 .. clicmd:: area A.B.C.D shortcut
395 .. index:: area (0-4294967295) shortcut
396 .. clicmd:: area (0-4294967295) shortcut
398 .. index:: no area A.B.C.D shortcut
399 .. clicmd:: no area A.B.C.D shortcut
401 .. index:: no area (0-4294967295) shortcut
402 .. clicmd:: no area (0-4294967295) shortcut
404 Configure the area as Shortcut capable. See :rfc:`3509`. This requires
405 that the 'abr-type' be set to 'shortcut'.
407 .. index:: area A.B.C.D stub
408 .. clicmd:: area A.B.C.D stub
410 .. index:: area (0-4294967295) stub
411 .. clicmd:: area (0-4294967295) stub
413 .. index:: no area A.B.C.D stub
414 .. clicmd:: no area A.B.C.D stub
416 .. index:: no area (0-4294967295) stub
417 .. clicmd:: no area (0-4294967295) stub
419 Configure the area to be a stub area. That is, an area where no router
420 originates routes external to OSPF and hence an area where all external
421 routes are via the ABR(s). Hence, ABRs for such an area do not need
422 to pass AS-External LSAs (type-5s) or ASBR-Summary LSAs (type-4) into the
423 area. They need only pass Network-Summary (type-3) LSAs into such an area,
424 along with a default-route summary.
426 .. index:: area A.B.C.D stub no-summary
427 .. clicmd:: area A.B.C.D stub no-summary
429 .. index:: area (0-4294967295) stub no-summary
430 .. clicmd:: area (0-4294967295) stub no-summary
432 .. index:: no area A.B.C.D stub no-summary
433 .. clicmd:: no area A.B.C.D stub no-summary
435 .. index:: no area (0-4294967295) stub no-summary
436 .. clicmd:: no area (0-4294967295) stub no-summary
438 Prevents an *ospfd* ABR from injecting inter-area
439 summaries into the specified stub area.
441 .. index:: area A.B.C.D default-cost (0-16777215)
442 .. clicmd:: area A.B.C.D default-cost (0-16777215)
444 .. index:: no area A.B.C.D default-cost (0-16777215)
445 .. clicmd:: no area A.B.C.D default-cost (0-16777215)
447 Set the cost of default-summary LSAs announced to stubby areas.
449 .. index:: area A.B.C.D export-list NAME
450 .. clicmd:: area A.B.C.D export-list NAME
452 .. index:: area (0-4294967295) export-list NAME
453 .. clicmd:: area (0-4294967295) export-list NAME
455 .. index:: no area A.B.C.D export-list NAME
456 .. clicmd:: no area A.B.C.D export-list NAME
458 .. index:: no area (0-4294967295) export-list NAME
459 .. clicmd:: no area (0-4294967295) export-list NAME
461 Filter Type-3 summary-LSAs announced to other areas originated from intra-
462 area paths from specified area.
467 network 192.168.1.0/24 area 0.0.0.0
468 network 10.0.0.0/8 area 0.0.0.10
469 area 0.0.0.10 export-list foo
471 access-list foo permit 10.10.0.0/16
472 access-list foo deny any
474 With example above any intra-area paths from area 0.0.0.10 and from range
475 10.10.0.0/16 (for example 10.10.1.0/24 and 10.10.2.128/30) are announced into
476 other areas as Type-3 summary-LSA's, but any others (for example 10.11.0.0/16
477 or 10.128.30.16/30) aren't.
479 This command is only relevant if the router is an ABR for the specified
482 .. index:: area A.B.C.D import-list NAME
483 .. clicmd:: area A.B.C.D import-list NAME
485 .. index:: area (0-4294967295) import-list NAME
486 .. clicmd:: area (0-4294967295) import-list NAME
488 .. index:: no area A.B.C.D import-list NAME
489 .. clicmd:: no area A.B.C.D import-list NAME
491 .. index:: no area (0-4294967295) import-list NAME
492 .. clicmd:: no area (0-4294967295) import-list NAME
494 Same as export-list, but it applies to paths announced into specified area
495 as Type-3 summary-LSAs.
497 .. index:: area A.B.C.D filter-list prefix NAME in
498 .. clicmd:: area A.B.C.D filter-list prefix NAME in
500 .. index:: area A.B.C.D filter-list prefix NAME out
501 .. clicmd:: area A.B.C.D filter-list prefix NAME out
503 .. index:: area (0-4294967295) filter-list prefix NAME in
504 .. clicmd:: area (0-4294967295) filter-list prefix NAME in
506 .. index:: area (0-4294967295) filter-list prefix NAME out
507 .. clicmd:: area (0-4294967295) filter-list prefix NAME out
509 .. index:: no area A.B.C.D filter-list prefix NAME in
510 .. clicmd:: no area A.B.C.D filter-list prefix NAME in
512 .. index:: no area A.B.C.D filter-list prefix NAME out
513 .. clicmd:: no area A.B.C.D filter-list prefix NAME out
515 .. index:: no area (0-4294967295) filter-list prefix NAME in
516 .. clicmd:: no area (0-4294967295) filter-list prefix NAME in
518 .. index:: no area (0-4294967295) filter-list prefix NAME out
519 .. clicmd:: no area (0-4294967295) filter-list prefix NAME out
521 Filtering Type-3 summary-LSAs to/from area using prefix lists. This command
522 makes sense in ABR only.
524 .. index:: area A.B.C.D authentication
525 .. clicmd:: area A.B.C.D authentication
527 .. index:: area (0-4294967295) authentication
528 .. clicmd:: area (0-4294967295) authentication
530 .. index:: no area A.B.C.D authentication
531 .. clicmd:: no area A.B.C.D authentication
533 .. index:: no area (0-4294967295) authentication
534 .. clicmd:: no area (0-4294967295) authentication
536 Specify that simple password authentication should be used for the given
539 .. index:: area A.B.C.D authentication message-digest
540 .. clicmd:: area A.B.C.D authentication message-digest
542 .. index:: area (0-4294967295) authentication message-digest
543 .. clicmd:: area (0-4294967295) authentication message-digest
545 Specify that OSPF packets must be authenticated with MD5 HMACs within the
546 given area. Keying material must also be configured on a per-interface basis
547 (:clicmd:`ip ospf message-digest-key`).
549 MD5 authentication may also be configured on a per-interface basis
550 (:clicmd:`ip ospf authentication message-digest`). Such per-interface
551 settings will override any per-area authentication setting.
558 .. index:: ip ospf area AREA [ADDR]
559 .. clicmd:: ip ospf area AREA [ADDR]
561 .. index:: no ip ospf area [ADDR]
562 .. clicmd:: no ip ospf area [ADDR]
564 Enable OSPF on the interface, optionally restricted to just the IP address
565 given by `ADDR`, putting it in the `AREA` area. Per interface area settings
566 take precedence to network commands
567 (:clicmd:`network A.B.C.D/M area A.B.C.D`).
569 If you have a lot of interfaces, and/or a lot of subnets, then enabling OSPF
570 via this command may result in a slight performance improvement.
572 .. index:: ip ospf authentication-key AUTH_KEY
573 .. clicmd:: ip ospf authentication-key AUTH_KEY
575 .. index:: no ip ospf authentication-key
576 .. clicmd:: no ip ospf authentication-key
578 Set OSPF authentication key to a simple password. After setting `AUTH_KEY`,
579 all OSPF packets are authenticated. `AUTH_KEY` has length up to 8 chars.
581 Simple text password authentication is insecure and deprecated in favour of
582 MD5 HMAC authentication.
584 .. index:: ip ospf authentication message-digest
585 .. clicmd:: ip ospf authentication message-digest
587 Specify that MD5 HMAC authentication must be used on this interface. MD5
588 keying material must also be configured. Overrides any authentication
589 enabled on a per-area basis
590 (:clicmd:`area A.B.C.D authentication message-digest`)
592 Note that OSPF MD5 authentication requires that time never go backwards
593 (correct time is NOT important, only that it never goes backwards), even
594 across resets, if ospfd is to be able to promptly reestablish adjacencies
595 with its neighbours after restarts/reboots. The host should have system time
596 be set at boot from an external or non-volatile source (e.g. battery backed
597 clock, NTP, etc.) or else the system clock should be periodically saved to
598 non-volatile storage and restored at boot if MD5 authentication is to be
599 expected to work reliably.
601 .. index:: ip ospf message-digest-key KEYID md5 KEY
602 .. clicmd:: ip ospf message-digest-key KEYID md5 KEY
604 .. index:: no ip ospf message-digest-key
605 .. clicmd:: no ip ospf message-digest-key
607 Set OSPF authentication key to a cryptographic password. The cryptographic
610 KEYID identifies secret key used to create the message digest. This ID is
611 part of the protocol and must be consistent across routers on a link.
613 KEY is the actual message digest key, of up to 16 chars (larger strings will
614 be truncated), and is associated with the given KEYID.
616 .. index:: ip ospf cost (1-65535)
617 .. clicmd:: ip ospf cost (1-65535)
619 .. index:: no ip ospf cost
620 .. clicmd:: no ip ospf cost
622 Set link cost for the specified interface. The cost value is set to
623 router-LSA's metric field and used for SPF calculation.
625 .. index:: ip ospf dead-interval (1-65535)
626 .. clicmd:: ip ospf dead-interval (1-65535)
628 .. index:: ip ospf dead-interval minimal hello-multiplier (2-20)
629 .. clicmd:: ip ospf dead-interval minimal hello-multiplier (2-20)
631 .. index:: no ip ospf dead-interval
632 .. clicmd:: no ip ospf dead-interval
634 Set number of seconds for RouterDeadInterval timer value used for Wait Timer
635 and Inactivity Timer. This value must be the same for all routers attached
636 to a common network. The default value is 40 seconds.
638 If 'minimal' is specified instead, then the dead-interval is set to 1 second
639 and one must specify a hello-multiplier. The hello-multiplier specifies how
640 many Hellos to send per second, from 2 (every 500ms) to 20 (every 50ms).
641 Thus one can have 1s convergence time for OSPF. If this form is specified,
642 then the hello-interval advertised in Hello packets is set to 0 and the
643 hello-interval on received Hello packets is not checked, thus the
644 hello-multiplier need NOT be the same across multiple routers on a common
647 .. index:: ip ospf hello-interval (1-65535)
648 .. clicmd:: ip ospf hello-interval (1-65535)
650 .. index:: no ip ospf hello-interval
651 .. clicmd:: no ip ospf hello-interval
653 Set number of seconds for HelloInterval timer value. Setting this value,
654 Hello packet will be sent every timer value seconds on the specified interface.
655 This value must be the same for all routers attached to a common network.
656 The default value is 10 seconds.
658 This command has no effect if
659 :clicmd:`ip ospf dead-interval minimal hello-multiplier (2-20)` is also
660 specified for the interface.
662 .. index:: ip ospf network (broadcast|non-broadcast|point-to-multipoint|point-to-point)
663 .. clicmd:: ip ospf network (broadcast|non-broadcast|point-to-multipoint|point-to-point)
665 .. index:: no ip ospf network
666 .. clicmd:: no ip ospf network
668 Set explicitly network type for specified interface.
670 .. index:: ip ospf priority (0-255)
671 .. clicmd:: ip ospf priority (0-255)
673 .. index:: no ip ospf priority
674 .. clicmd:: no ip ospf priority
676 Set RouterPriority integer value. The router with the highest priority will
677 be more eligible to become Designated Router. Setting the value to 0, makes
678 the router ineligible to become Designated Router. The default value is 1.
680 .. index:: ip ospf retransmit-interval (1-65535)
681 .. clicmd:: ip ospf retransmit-interval (1-65535)
683 .. index:: no ip ospf retransmit interval
684 .. clicmd:: no ip ospf retransmit interval
686 Set number of seconds for RxmtInterval timer value. This value is used when
687 retransmitting Database Description and Link State Request packets. The
688 default value is 5 seconds.
690 .. index:: ip ospf transmit-delay
691 .. clicmd:: ip ospf transmit-delay
693 .. index:: no ip ospf transmit-delay
694 .. clicmd:: no ip ospf transmit-delay
696 Set number of seconds for InfTransDelay value. LSAs' age should be
697 incremented by this value when transmitting. The default value is 1 second.
699 .. index:: ip ospf area (A.B.C.D|(0-4294967295))
700 .. clicmd:: ip ospf area (A.B.C.D|(0-4294967295))
702 .. index:: no ip ospf area
703 .. clicmd:: no ip ospf area
705 Enable ospf on an interface and set associated area.
707 .. _redistribute-routes-to-ospf:
712 .. index:: redistribute (kernel|connected|static|rip|bgp)
713 .. clicmd:: redistribute (kernel|connected|static|rip|bgp)
715 .. index:: redistribute (kernel|connected|static|rip|bgp) ROUTE-MAP
716 .. clicmd:: redistribute (kernel|connected|static|rip|bgp) ROUTE-MAP
718 .. index:: redistribute (kernel|connected|static|rip|bgp) metric-type (1|2)
719 .. clicmd:: redistribute (kernel|connected|static|rip|bgp) metric-type (1|2)
721 .. index:: redistribute (kernel|connected|static|rip|bgp) metric-type (1|2) route-map WORD
722 .. clicmd:: redistribute (kernel|connected|static|rip|bgp) metric-type (1|2) route-map WORD
724 .. index:: redistribute (kernel|connected|static|rip|bgp) metric (0-16777214)
725 .. clicmd:: redistribute (kernel|connected|static|rip|bgp) metric (0-16777214)
727 .. index:: redistribute (kernel|connected|static|rip|bgp) metric (0-16777214) route-map WORD
728 .. clicmd:: redistribute (kernel|connected|static|rip|bgp) metric (0-16777214) route-map WORD
730 .. index:: redistribute (kernel|connected|static|rip|bgp) metric-type (1|2) metric (0-16777214)
731 .. clicmd:: redistribute (kernel|connected|static|rip|bgp) metric-type (1|2) metric (0-16777214)
733 .. index:: redistribute (kernel|connected|static|rip|bgp) metric-type (1|2) metric (0-16777214) route-map WORD
734 .. clicmd:: redistribute (kernel|connected|static|rip|bgp) metric-type (1|2) metric (0-16777214) route-map WORD
736 .. index:: no redistribute (kernel|connected|static|rip|bgp)
737 .. clicmd:: no redistribute (kernel|connected|static|rip|bgp)
739 .. _ospf-redistribute:
741 Redistribute routes of the specified protocol or kind into OSPF, with the
742 metric type and metric set if specified, filtering the routes using the
743 given route-map if specified. Redistributed routes may also be filtered
744 with distribute-lists, see
745 :ref:`ospf distribute-list configuration <ospf-distribute-list>`.
747 Redistributed routes are distributed as into OSPF as Type-5 External LSAs
748 into links to areas that accept external routes, Type-7 External LSAs for
749 NSSA areas and are not redistributed at all into Stub areas, where external
750 routes are not permitted.
752 Note that for connected routes, one may instead use the `passive-interface`
757 clicmd:`passive-interface INTERFACE`.
759 .. index:: default-information originate
760 .. clicmd:: default-information originate
762 .. index:: default-information originate metric (0-16777214)
763 .. clicmd:: default-information originate metric (0-16777214)
765 .. index:: default-information originate metric (0-16777214) metric-type (1|2)
766 .. clicmd:: default-information originate metric (0-16777214) metric-type (1|2)
768 .. index:: default-information originate metric (0-16777214) metric-type (1|2) route-map WORD
769 .. clicmd:: default-information originate metric (0-16777214) metric-type (1|2) route-map WORD
771 .. index:: default-information originate always
772 .. clicmd:: default-information originate always
774 .. index:: default-information originate always metric (0-16777214)
775 .. clicmd:: default-information originate always metric (0-16777214)
777 .. index:: default-information originate always metric (0-16777214) metric-type (1|2)
778 .. clicmd:: default-information originate always metric (0-16777214) metric-type (1|2)
780 .. index:: default-information originate always metric (0-16777214) metric-type (1|2) route-map WORD
781 .. clicmd:: default-information originate always metric (0-16777214) metric-type (1|2) route-map WORD
783 .. index:: no default-information originate
784 .. clicmd:: no default-information originate
786 Originate an AS-External (type-5) LSA describing a default route into all
787 external-routing capable areas, of the specified metric and metric type. If
788 the 'always' keyword is given then the default is always advertised, even
789 when there is no default present in the routing table.
791 .. index:: distribute-list NAME out (kernel|connected|static|rip|ospf
792 .. clicmd:: distribute-list NAME out (kernel|connected|static|rip|ospf
794 .. index:: no distribute-list NAME out (kernel|connected|static|rip|ospf
795 .. clicmd:: no distribute-list NAME out (kernel|connected|static|rip|ospf
797 .. _ospf-distribute-list:
799 Apply the access-list filter, NAME, to redistributed routes of the given
800 type before allowing the routes to redistributed into OSPF
801 (:ref:`ospf redistribution <ospf-redistribute>`).
803 .. index:: default-metric (0-16777214)
804 .. clicmd:: default-metric (0-16777214)
806 .. index:: no default-metric
807 .. clicmd:: no default-metric
809 .. index:: distance (1-255)
810 .. clicmd:: distance (1-255)
812 .. index:: no distance (1-255)
813 .. clicmd:: no distance (1-255)
815 .. index:: distance ospf (intra-area|inter-area|external) (1-255)
816 .. clicmd:: distance ospf (intra-area|inter-area|external) (1-255)
818 .. index:: no distance ospf
819 .. clicmd:: no distance ospf
821 .. index:: router zebra
822 .. clicmd:: router zebra
824 .. index:: no router zebra
825 .. clicmd:: no router zebra
828 .. _showing-ospf-information:
835 .. index:: show ip ospf
836 .. clicmd:: show ip ospf
838 Show information on a variety of general OSPF and area state and
839 configuration information.
841 .. index:: show ip ospf interface [INTERFACE]
842 .. clicmd:: show ip ospf interface [INTERFACE]
844 Show state and configuration of OSPF the specified interface, or all
845 interfaces if no interface is given.
847 .. index:: show ip ospf neighbor
848 .. clicmd:: show ip ospf neighbor
850 .. index:: show ip ospf neighbor INTERFACE
851 .. clicmd:: show ip ospf neighbor INTERFACE
853 .. index:: show ip ospf neighbor detail
854 .. clicmd:: show ip ospf neighbor detail
856 .. index:: show ip ospf neighbor INTERFACE detail
857 .. clicmd:: show ip ospf neighbor INTERFACE detail
859 .. index:: show ip ospf database
860 .. clicmd:: show ip ospf database
862 .. index:: show ip ospf database (asbr-summary|external|network|router|summary)
863 .. clicmd:: show ip ospf database (asbr-summary|external|network|router|summary)
865 .. index:: show ip ospf database (asbr-summary|external|network|router|summary) LINK-STATE-ID
866 .. clicmd:: show ip ospf database (asbr-summary|external|network|router|summary) LINK-STATE-ID
868 .. index:: show ip ospf database (asbr-summary|external|network|router|summary) LINK-STATE-ID adv-router ADV-ROUTER
869 .. clicmd:: show ip ospf database (asbr-summary|external|network|router|summary) LINK-STATE-ID adv-router ADV-ROUTER
871 .. index:: show ip ospf database (asbr-summary|external|network|router|summary) adv-router ADV-ROUTER
872 .. clicmd:: show ip ospf database (asbr-summary|external|network|router|summary) adv-router ADV-ROUTER
874 .. index:: show ip ospf database (asbr-summary|external|network|router|summary) LINK-STATE-ID self-originate
875 .. clicmd:: show ip ospf database (asbr-summary|external|network|router|summary) LINK-STATE-ID self-originate
877 .. index:: show ip ospf database (asbr-summary|external|network|router|summary) self-originate
878 .. clicmd:: show ip ospf database (asbr-summary|external|network|router|summary) self-originate
880 .. index:: show ip ospf database max-age
881 .. clicmd:: show ip ospf database max-age
883 .. index:: show ip ospf database self-originate
884 .. clicmd:: show ip ospf database self-originate
886 .. index:: show ip ospf route
887 .. clicmd:: show ip ospf route
889 Show the OSPF routing table, as determined by the most recent SPF
897 .. index:: ospf opaque-lsa
898 .. clicmd:: ospf opaque-lsa
900 .. index:: capability opaque
901 .. clicmd:: capability opaque
903 .. index:: no ospf opaque-lsa
904 .. clicmd:: no ospf opaque-lsa
906 .. index:: no capability opaque
907 .. clicmd:: no capability opaque
909 *ospfd* supports Opaque LSA (:rfc:`2370`) as fundamental for MPLS Traffic
910 Engineering LSA. Prior to used MPLS TE, opaque-lsa must be enable in the
911 configuration file. Alternate command could be "mpls-te on"
912 (:ref:`ospf-traffic-engineering`).
914 .. index:: show ip ospf database (opaque-link|opaque-area|opaque-external)
915 .. clicmd:: show ip ospf database (opaque-link|opaque-area|opaque-external)
917 .. index:: show ip ospf database (opaque-link|opaque-area|opaque-external) LINK-STATE-ID
918 .. clicmd:: show ip ospf database (opaque-link|opaque-area|opaque-external) LINK-STATE-ID
920 .. index:: show ip ospf database (opaque-link|opaque-area|opaque-external) LINK-STATE-ID adv-router ADV-ROUTER
921 .. clicmd:: show ip ospf database (opaque-link|opaque-area|opaque-external) LINK-STATE-ID adv-router ADV-ROUTER
923 .. index:: show ip ospf database (opaque-link|opaque-area|opaque-external) adv-router ADV-ROUTER
924 .. clicmd:: show ip ospf database (opaque-link|opaque-area|opaque-external) adv-router ADV-ROUTER
926 .. index:: show ip ospf database (opaque-link|opaque-area|opaque-external) LINK-STATE-ID self-originate
927 .. clicmd:: show ip ospf database (opaque-link|opaque-area|opaque-external) LINK-STATE-ID self-originate
929 .. index:: show ip ospf database (opaque-link|opaque-area|opaque-external) self-originate
930 .. clicmd:: show ip ospf database (opaque-link|opaque-area|opaque-external) self-originate
932 Show Opaque LSA from the database.
934 .. _ospf-traffic-engineering:
939 .. index:: mpls-te on
940 .. clicmd:: mpls-te on
942 .. index:: no mpls-te
943 .. clicmd:: no mpls-te
945 Enable Traffic Engineering LSA flooding.
947 .. index:: mpls-te router-address <A.B.C.D>
948 .. clicmd:: mpls-te router-address <A.B.C.D>
950 Configure stable IP address for MPLS-TE. This IP address is then advertise
951 in Opaque LSA Type-10 TLV=1 (TE) option 1 (Router-Address).
953 .. index:: mpls-te inter-as area <area-id>|as
954 .. clicmd:: mpls-te inter-as area <area-id>|as
956 .. index:: no mpls-te inter-as
957 .. clicmd:: no mpls-te inter-as
959 Enable :rfc:`5392` support - Inter-AS TE v2 - to flood Traffic Engineering
960 parameters of Inter-AS link. 2 modes are supported: AREA and AS; LSA are
961 flood in AREA <area-id> with Opaque Type-10, respectively in AS with Opaque
962 Type-11. In all case, Opaque-LSA TLV=6.
964 .. index:: show ip ospf mpls-te interface
965 .. clicmd:: show ip ospf mpls-te interface
967 .. index:: show ip ospf mpls-te interface INTERFACE
968 .. clicmd:: show ip ospf mpls-te interface INTERFACE
970 Show MPLS Traffic Engineering parameters for all or specified interface.
972 .. index:: show ip ospf mpls-te router
973 .. clicmd:: show ip ospf mpls-te router
975 Show Traffic Engineering router parameters.
977 .. _router-information:
982 .. index:: router-info [as | area]
983 .. clicmd:: router-info [as | area]
985 .. index:: no router-info
986 .. clicmd:: no router-info
988 Enable Router Information (:rfc:`4970`) LSA advertisement with AS scope
989 (default) or Area scope flooding when area is specified. Old syntax
990 `router-info area <A.B.C.D>` is always supported but mark as deprecated
991 as the area ID is no more necessary. Indeed, router information support
992 multi-area and detect automatically the areas.
994 .. index:: pce address <A.B.C.D>
995 .. clicmd:: pce address <A.B.C.D>
997 .. index:: no pce address
998 .. clicmd:: no pce address
1000 .. index:: pce domain as (0-65535)
1001 .. clicmd:: pce domain as (0-65535)
1003 .. index:: no pce domain as (0-65535)
1004 .. clicmd:: no pce domain as (0-65535)
1006 .. index:: pce neighbor as (0-65535)
1007 .. clicmd:: pce neighbor as (0-65535)
1009 .. index:: no pce neighbor as (0-65535)
1010 .. clicmd:: no pce neighbor as (0-65535)
1012 .. index:: pce flag BITPATTERN
1013 .. clicmd:: pce flag BITPATTERN
1015 .. index:: no pce flag
1016 .. clicmd:: no pce flag
1018 .. index:: pce scope BITPATTERN
1019 .. clicmd:: pce scope BITPATTERN
1021 .. index:: no pce scope
1022 .. clicmd:: no pce scope
1024 The commands are conform to :rfc:`5088` and allow OSPF router announce Path
1025 Computation Element (PCE) capabilities through the Router Information (RI)
1026 LSA. Router Information must be enable prior to this. The command set/unset
1027 respectively the PCE IP address, Autonomous System (AS) numbers of
1028 controlled domains, neighbor ASs, flag and scope. For flag and scope, please
1029 refer to :rfc`5088` for the BITPATTERN recognition. Multiple 'pce neighbor'
1030 command could be specified in order to specify all PCE neighbours.
1032 .. index:: show ip ospf router-info
1033 .. clicmd:: show ip ospf router-info
1035 Show Router Capabilities flag.
1037 .. index:: show ip ospf router-info pce
1038 .. clicmd:: show ip ospf router-info pce
1040 Show Router Capabilities PCE parameters.
1047 This is an EXPERIMENTAL support of Segment Routing as per draft
1048 `draft-ietf-ospf-segment-routing-extensions-24.txt` for MPLS dataplane.
1050 .. index:: [no] segment-routing on
1051 .. clicmd:: [no] segment-routing on
1053 Enable Segment Routing. Even if this also activate routing information
1054 support, it is preferable to also activate routing information, and set
1055 accordingly the Area or AS flooding.
1057 .. index:: [no] segment-routing global-block (0-1048575) (0-1048575)
1058 .. clicmd:: [no] segment-routing global-block (0-1048575) (0-1048575)
1060 Fix the Segment Routing Global Block i.e. the label range used by MPLS to
1061 store label in the MPLS FIB.
1063 .. index:: [no] segment-routing node-msd (1-16)
1064 .. clicmd:: [no] segment-routing node-msd (1-16)
1066 Fix the Maximum Stack Depth supported by the router. The value depend of the
1067 MPLS dataplane. E.g. for Linux kernel, since version 4.13 it is 32.
1069 .. index:: [no] segment-routing prefix A.B.C.D/M index (0-65535) [no-php-flag]
1070 .. clicmd:: [no] segment-routing prefix A.B.C.D/M index (0-65535) [no-php-flag]
1072 Set the Segment Routing index for the specified prefix. Note that, only
1073 prefix with /32 corresponding to a loopback interface are currently
1074 supported. The 'no-php-flag' means NO Penultimate Hop Popping that allows SR
1075 node to request to its neighbor to not pop the label.
1077 .. index:: show ip ospf database segment-routing <adv-router ADVROUTER|self-originate> [json]
1078 .. clicmd:: show ip ospf database segment-routing <adv-router ADVROUTER|self-originate> [json]
1080 Show Segment Routing Data Base, all SR nodes, specific advertised router or
1081 self router. Optional JSON output can be obtained by appending 'json' to the
1087 .. index:: debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all) (send|recv) [detail]
1088 .. clicmd:: debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all) (send|recv) [detail]
1090 .. index:: no debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all) (send|recv) [detail]
1091 .. clicmd:: no debug ospf packet (hello|dd|ls-request|ls-update|ls-ack|all) (send|recv) [detail]
1093 Dump Packet for debugging
1095 .. index:: debug ospf ism
1096 .. clicmd:: debug ospf ism
1098 .. index:: debug ospf ism (status|events|timers)
1099 .. clicmd:: debug ospf ism (status|events|timers)
1101 .. index:: no debug ospf ism
1102 .. clicmd:: no debug ospf ism
1104 .. index:: no debug ospf ism (status|events|timers)
1105 .. clicmd:: no debug ospf ism (status|events|timers)
1107 Show debug information of Interface State Machine
1109 .. index:: debug ospf nsm
1110 .. clicmd:: debug ospf nsm
1112 .. index:: debug ospf nsm (status|events|timers)
1113 .. clicmd:: debug ospf nsm (status|events|timers)
1115 .. index:: no debug ospf nsm
1116 .. clicmd:: no debug ospf nsm
1118 .. index:: no debug ospf nsm (status|events|timers)
1119 .. clicmd:: no debug ospf nsm (status|events|timers)
1121 Show debug information of Network State Machine
1123 .. index:: debug ospf event
1124 .. clicmd:: debug ospf event
1126 .. index:: no debug ospf event
1127 .. clicmd:: no debug ospf event
1129 Show debug information of OSPF event
1131 .. index:: debug ospf nssa
1132 .. clicmd:: debug ospf nssa
1134 .. index:: no debug ospf nssa
1135 .. clicmd:: no debug ospf nssa
1137 Show debug information about Not So Stub Area
1139 .. index:: debug ospf lsa
1140 .. clicmd:: debug ospf lsa
1142 .. index:: debug ospf lsa (generate|flooding|refresh)
1143 .. clicmd:: debug ospf lsa (generate|flooding|refresh)
1145 .. index:: no debug ospf lsa
1146 .. clicmd:: no debug ospf lsa
1148 .. index:: no debug ospf lsa (generate|flooding|refresh)
1149 .. clicmd:: no debug ospf lsa (generate|flooding|refresh)
1151 Show debug detail of Link State messages
1153 .. index:: debug ospf te
1154 .. clicmd:: debug ospf te
1156 .. index:: no debug ospf te
1157 .. clicmd:: no debug ospf te
1159 Show debug information about Traffic Engineering LSA
1161 .. index:: debug ospf zebra
1162 .. clicmd:: debug ospf zebra
1164 .. index:: debug ospf zebra (interface|redistribute)
1165 .. clicmd:: debug ospf zebra (interface|redistribute)
1167 .. index:: no debug ospf zebra
1168 .. clicmd:: no debug ospf zebra
1170 .. index:: no debug ospf zebra (interface|redistribute)
1171 .. clicmd:: no debug ospf zebra (interface|redistribute)
1173 Show debug information of ZEBRA API
1175 .. index:: show debugging ospf
1176 .. clicmd:: show debugging ospf
1179 OSPF Configuration Examples
1180 ===========================
1182 A simple example, with MD5 authentication enabled:
1188 ip ospf authentication message-digest
1189 ip ospf message-digest-key 1 md5 ABCDEFGHIJK
1192 network 192.168.0.0/16 area 0.0.0.1
1193 area 0.0.0.1 authentication message-digest
1196 An :abbr:`ABR` router, with MD5 authentication and performing summarisation
1197 of networks between the areas:
1203 log file /var/log/frr/ospfd.log
1204 service advanced-vty
1207 ip ospf authentication message-digest
1208 ip ospf message-digest-key 1 md5 ABCDEFGHIJK
1213 ip ospf authentication message-digest
1214 ip ospf message-digest-key 2 md5 XYZ12345
1217 ospf router-id 192.168.0.1
1218 redistribute connected
1219 passive interface ppp0
1220 network 192.168.0.0/24 area 0.0.0.0
1221 network 10.0.0.0/16 area 0.0.0.0
1222 network 192.168.1.0/24 area 0.0.0.1
1223 area 0.0.0.0 authentication message-digest
1224 area 0.0.0.0 range 10.0.0.0/16
1225 area 0.0.0.0 range 192.168.0.0/24
1226 area 0.0.0.1 authentication message-digest
1227 area 0.0.0.1 range 10.2.0.0/16
1231 A Traffic Engineering configuration, with Inter-ASv2 support.
1233 First, the :file:`zebra.conf` part:
1238 ip address 198.168.1.1/24
1255 ip address 192.168.2.1/24
1269 neighbor 192.168.2.2 as 65000
1272 log file /var/log/zebra.log
1275 ip address 198.168.1.1/24
1292 ip address 192.168.2.1/24
1306 neighbor 192.168.2.2 as 65000
1308 Then the :file:`ospfd.conf` itself:
1314 log file /var/log/ospfd.log
1318 ip ospf hello-interval 60
1319 ip ospf dead-interval 240
1322 ip ospf hello-interval 60
1323 ip ospf dead-interval 240
1327 ospf router-id 192.168.1.1
1328 network 192.168.0.0/16 area 1
1331 mpls-te router-address 192.168.1.1
1332 mpls-te inter-as area 1
1336 A router information example with PCE advertisement:
1342 ospf router-id 192.168.1.1
1343 network 192.168.0.0/16 area 1
1346 mpls-te router-address 192.168.1.1
1347 router-info area 0.0.0.1
1348 pce address 192.168.1.1
1351 pce neighbor as 65500
1352 pce neighbor as 65200