05-Layer 3-IP Routing Command Reference

HomeSupportReference GuidesCommand ReferencesH3C S6520X-HI[EI][SI] & S6520-SI & S5560X-HI & S5000-EI & MS4600 Switch Series Command References-R63xx-6W10105-Layer 3-IP Routing Command Reference
04-OSPF commands
Title Size Download
04-OSPF commands 537.71 KB

Contents

OSPF commands· 1

abr-summary (OSPF area view) 1

area (OSPF view) 1

asbr-summary (OSPF view) 2

authentication-mode· 3

bandwidth-reference (OSPF view) 5

capability default-exclusion· 6

database-filter peer (OSPF view) 6

default (OSPF view) 7

default-cost (OSPF area view) 8

default-route-advertise (OSPF view) 9

description (OSPF/OSPF area view) 10

discard-route· 11

display ospf 11

display ospf abr-asbr 17

display ospf abr-summary· 19

display ospf asbr-summary· 21

display ospf event-log· 22

display ospf fast-reroute lfa-candidate· 26

display ospf graceful-restart 27

display ospf interface· 30

display ospf lsdb· 32

display ospf nexthop· 35

display ospf non-stop-routing status· 36

display ospf peer 37

display ospf peer statistics· 40

display ospf request-queue· 40

display ospf retrans-queue· 42

display ospf routing· 43

display ospf spf-tree· 45

display ospf statistics· 49

display ospf vlink· 53

display router id· 54

distribute bgp-ls· 54

dscp· 55

enable link-local-signaling· 56

enable out-of-band-resynchronization· 56

event-log· 57

fast-reroute (OSPF view) 57

filter (OSPF area view) 58

filter-policy export (OSPF view) 59

filter-policy import (OSPF view) 60

graceful-restart (OSPF view) 61

graceful-restart helper enable· 63

graceful-restart helper strict-lsa-checking· 63

graceful-restart interval (OSPF view) 64

host-advertise· 64

import-route (OSPF view) 65

ispf enable (OSPF view) 67

log-peer-change· 68

lsa-arrival-interval 68

lsa-generation-interval 69

lsdb-overflow-interval 70

lsdb-overflow-limit 70

maximum load-balancing (OSPF view) 71

network (OSPF area view) 72

non-stop-routing· 72

nssa (OSPF area view) 73

opaque-capability enable· 74

ospf 75

ospf area· 76

ospf authentication-mode· 76

ospf bfd enable· 78

ospf cost (interface view) 79

ospf database-filter 79

ospf dr-priority· 81

ospf fast-reroute lfa-backup· 81

ospf lsu-flood-control 82

ospf mib-binding· 83

ospf mtu-enable· 83

ospf network-type· 84

ospf packet-size· 85

ospf prefix-suppression· 86

ospf primary-path-detect bfd· 86

ospf timer dead· 87

ospf timer hello· 88

ospf timer poll 89

ospf timer retransmit 89

ospf trans-delay· 90

ospf ttl-security· 90

peer (OSPF view) 92

pic (OSPF view) 92

preference (OSPF view) 93

prefix-priority (OSPF view) 94

prefix-suppression· 95

reset ospf event-log· 96

reset ospf process· 96

reset ospf redistribution· 97

reset ospf statistics· 97

rfc1583 compatible· 98

router id· 99

silent-interface (OSPF view) 99

snmp trap rate-limit 100

snmp-agent trap enable ospf 101

spf-schedule-interval (OSPF view) 102

stub (OSPF area view) 103

stub-router (OSPF view) 104

transmit-pacing· 105

ttl-security· 105

vlink-peer (OSPF area view) 106

 


OSPF commands

abr-summary (OSPF area view)

Use abr-summary to configure route summarization on an ABR.

Use undo abr-summary to remove the configuration.

Syntax

abr-summary ip-address { mask-length | mask } [ advertise | not-advertise ] [ cost cost-value ]

undo abr-summary ip-address { mask-length | mask }

Default

Route summarization is not configured on an ABR.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the destination IP address of the summary route in dotted decimal notation.

mask-length: Specifies the mask length in the range of 0 to 32.

mask: Specifies the mask of the IP address, in dotted decimal notation.

advertise | not-advertise: Advertises the summary route or not. By default, the command advertises the summary route.

cost cost-value: Specifies the cost of the summary route, in the range of 1 to 16777215. The default cost is the largest cost value among routes that are summarized.

Usage guidelines

This command applies only to an ABR to summarize multiple contiguous networks into one network.

To enable ABR to advertise specific routes that have been summarized, use the undo abr-summary command.

Examples

# Summarize networks 36.42.10.0/24 and 36.42.110.0/24 in Area 1 into 36.42.0.0/16.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 1

[Sysname-ospf-100-area-0.0.0.1] network 36.42.10.0 0.0.0.255

[Sysname-ospf-100-area-0.0.0.1] network 36.42.110.0 0.0.0.255

[Sysname-ospf-100-area-0.0.0.1] abr-summary 36.42.0.0 255.255.0.0

area (OSPF view)

Use area to create an OSPF area and enter OSPF area view.

Use undo area to remove an OSPF area.

Syntax

area area-id

undo area area-id

Default

No OSPF areas exist.

Views

OSPF view

Predefined user roles

network-admin

Parameters

area-id: Specifies an area by its ID, an IP address or a decimal integer in the range of 0 to 4294967295 that is translated into the IP address format.

Examples

# Create Area 0 and enter Area 0 view.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 0

[Sysname-ospf-100-area-0.0.0.0]

asbr-summary (OSPF view)

Use asbr-summary to configure route summarization on an ASBR.

Use undo asbr-summary to remove the configuration.

Syntax

asbr-summary ip-address { mask-length | mask } [ cost cost-value | not-advertise | nssa-only | tag tag ] *

undo asbr-summary ip-address { mask-length | mask }

Default

Route summarization is not configured on an ASBR.

Views

OSPF view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the destination IP address of the summary route.

mask-length: Specifies the mask length in the range of 0 to 32.

mask: Specifies the mask in dotted decimal notation.

cost cost-value: Specifies the cost of the summary route, in the range of 1 to 16777214. If you do not specify this option, the largest cost among the summarized routes applies. If the routes in Type-5 LSAs translated from Type-7 LSAs are Type-2 external routes, the largest cost among the summarized routes plus 1 applies.

not-advertise: Disables advertising the summary route. If you do not specify this keyword, the command advertises the route.

nssa-only: Limits the route advertisement to the NSSA area by setting the P-bit of Type-7 LSAs to 0. By default, the P-bit of Type-7 LSAs is set to 1. If the ASBR is also an ABR and FULL state neighbors exist in the backbone area, the P-bit of Type-7 LSAs originated by the ASBR is set to 0. This keyword applies to the NSSA ASBR.

tag tag: Specifies a tag for the summary route, in the range of 0 to 4294967295. The default is 1. The tag can be used by a routing policy to control summary route advertisement.

Usage guidelines

An ASBR can summarize routes in the following LSAs:

·     Type-5 LSAs.

·     Type-7 LSAs in an NSSA area.

·     Type-5 LSAs translated by the ASBR (also an ABR) from Type-7 LSAs in an NSSA area.

If the ASBR (ABR) is not a translator, it cannot summarize routes in Type-5 LSAs translated from Type-7 LSAs.

To enable ASBR to advertise specific routes that have been summarized, use the undo asbr-summary command.

Examples

# Summarize redistributed static routes into a single route, and specify a tag value of 2 and a cost of 100 for the summary route.

<Sysname> system-view

[Sysname] ip route-static 10.2.1.0 24 null 0

[Sysname] ip route-static 10.2.2.0 24 null 0

[Sysname] ospf 100

[Sysname-ospf-100] import-route static

[Sysname-ospf-100] asbr-summary 10.2.0.0 255.255.0.0 tag 2 cost 100

authentication-mode

Use authentication-mode to specify an authentication mode for an OSPF area.

Use undo authentication-mode to remove the configuration.

Syntax

For MD5/HMAC-MD5 authentication:

authentication-mode { hmac-md5 | md5 } key-id { cipher | plain } string

undo authentication-mode [ { hmac-md5 | md5 } key-id ]

For simple authentication:

authentication-mode simple { cipher | plain } string

undo authentication-mode

For keychain authentication:

authentication-mode keychain keychain-name

undo authentication-mode

Default

No authentication is performed for an area.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

hmac-md5: Specifies the HMAC-MD5 authentication mode.

md5: Specifies the MD5 authentication mode.

simple: Specifies the simple authentication mode.

key-id: Specifies a key by its ID in the range of 0 to 255.

cipher: Specifies a key in encrypted form.

plain: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key. This argument is case sensitive.

·     In simple authentication mode, the plaintext form of the key is a string of 1 to 8 characters. The encrypted form of the key is a string of 33 to 41 characters.

·     In MD5/HMAC-MD5 authentication mode, the plaintext form of the key is a string of 1 to 16 characters. The encrypted form of the key is a string of 33 to 53 characters.

keychain: Specifies the keychain authentication mode.

keychain-name: Specifies a keychain by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

To establish or maintain adjacencies, routers in the same area must have the same authentication mode and key.

If MD5 or HMAC-MD5 authentication is configured, you can configure multiple keys, each having a unique key ID and key string. As a best practice to minimize the risk of key compromise, use only one key for an area and delete the old key after key replacement.

To replace the key used for MD5 or HMAC-MD5 authentication in an area, you must configure the new key before removing the old key from each router. OSPF uses the key rollover mechanism to ensure that the routers can pass authentication before the replacement is complete across the area. After you configure a new key on a router, the router sends copies of the same packet, each authenticated by a different key, including the new key and the keys in use. This practice continues until the router detects that all its neighbors have the new key.

When keychain authentication is configured for an OSPF area, OSPF performs the following operations before sending a packet:

1.     Obtains a valid send key from the keychain.

OSPF does not send the packet if it fails to obtain a valid send key.

2.     Uses the key ID, authentication algorithm, and key string to authenticate the packet.

If the key ID is greater than 255, OSPF does not send the packet.

When keychain authentication is configured for an OSPF area, OSPF performs the following operations after receiving a packet:

1.     Uses the key ID carried in the packet to obtain a valid accept key from the keychain.

OSPF discards the packet if it fails to obtain a valid accept key.

2.     Uses the authentication algorithm and key string for the valid accept key to authenticate the packet.

If the authentication fails, OSPF discards the packet.

The authentication algorithm can only beMD5 or HMAC-MD5 and the ID of keys used for authentication can only be in the range of 0 to 255.

Examples

# Configure OSPF Area 0 to use the MD5 authentication mode, and set the key ID to 15 and the key to abc in plaintext form.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 0

[Sysname-ospf-100-area-0.0.0.0] authentication-mode md5 15 plain abc

Related commands

ospf authentication-mode

bandwidth-reference (OSPF view)

Use bandwidth-reference to set a reference bandwidth value for link cost calculation.

Use undo bandwidth-reference to restore the default value.

Syntax

bandwidth-reference value

undo bandwidth-reference

Default

The reference bandwidth value is 100 Mbps for link cost calculation.

Views

OSPF view

Predefined user roles

network-admin

Parameters

value: Specifies the reference bandwidth value for link cost calculation, in the range of 1 to 4294967 Mbps.

Usage guidelines

If no cost values are configured for links, OSPF calculates their cost values by using the following formula: Cost = Reference bandwidth value / Expected interface bandwidth. The expected bandwidth of an interface is configured with the bandwidth command (see Interface Command Reference). If the calculated cost is greater than 65535, the value of 65535 is used. If the calculated cost is less than 1, the value of 1 is used.

Examples

# Set the reference bandwidth value to 1000 Mbps.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] bandwidth-reference 1000

Related commands

ospf cost

capability default-exclusion

Use capability default-exclusion to exclude interfaces in an OSPF area from the base topology.

Use undo capability default-exclusion to restore the default.

Syntax

capability default-exclusion

undo capability default-exclusion

Default

Interfaces in an OSPF area belong to the base topology.

Views

OSPF area view

Predefined user roles

network-admin

Usage guidelines

For correct neighbor relationship establishment, execute this command on both the local device and the neighbor device.

Examples

# Exclude interfaces in Area 1 from the base topology.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 1

[Sysname-ospf-100-area-0.0.0.1] capability default-exclusion

database-filter peer (OSPF view)

Use database-filter peer to filter LSAs for the specified P2MP neighbor.

Use undo database-filter peer to restore the default.

Syntax

database-filter peer ip-address { all | { ase [ acl ipv4-acl-number ] | nssa [ acl ipv4-acl-number ] | summary [ acl ipv4-acl-number ] } * }

undo database-filter peer ip-address

Default

The LSAs for the specified P2MP neighbor are not filtered.

Views

OSPF view

Predefined user roles

network-admin

Parameters

ip-address: Specifies a P2MP neighbor by its IP address.

all: Filters all LSAs except the Grace LSAs.

ase: Filters Type-5 LSAs.

nssa: Filters Type-7 LSAs.

summary: Filters Type-3 LSAs.

acl ipv4-acl-number: Specifies an IPv4 ACL by its number in the range of 2000 to 3999.

Usage guidelines

On an P2MP network, a router might have multiple OSPF neighbors with the P2MP type. Use this command to prevent the router from sending LSAs to the specified neighbor.

To use an advanced ACL (with a number from 3000 to 3999) in the command, configure the ACL using one of the following methods:

·     To deny/permit LSAs with the specified link state ID, use the rule [ rule-id ] { deny | permit } ip source sour-addr sour-wildcard command.

·     To deny/permit LSAs with the specified link state ID and mask, use the rule [ rule-id ] { deny | permit } ip source sour-addr sour-wildcard destination dest-addr dest-wildcard command.

The source keyword specifies the link state ID of an LSA and the destination keyword specifies the subnet mask of the LSA. For the mask configuration to take effect, specify a contiguous subnet mask.

If the specified neighbor has already received an LSA, the LSA still exists in the LSDB of the neighbor after you execute the command.

Examples

# Filter all LSAs (except the Grace LSAs) for the P2MP neighbor with the IP address 121.20.20.121.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] database-filter peer 121.20.20.121 all

# Configure advanced ACL 3000 to filter Type-3 LSAs for the P2MP neighbor with the IP address 121.20.20.121.

<Sysname> system-view

[Sysname] acl advanced 3000

[Sysname-acl-ipv4-adv-3000]rule 10 deny ip source 121.20.0.0 0 destination 255.255.0.0 0

[Sysname-acl-ipv4-adv-3000] rule 100 permit ip

[Sysname-acl-ipv4-adv-3000] quit

[Sysname] ospf 1

[Sysname-ospf-1] database-filter peer 121.20.20.121 summary acl 3000

Related commands

ospf database-filter

default (OSPF view)

Use default to configure default parameters for redistributed routes.

Use undo default to remove the configuration.

Syntax

default { cost cost-value | tag tag | type type } *

undo default { cost | tag | type } *

Default

The cost is 1, the tag is 1, and the route type is 2.

Views

OSPF view

Predefined user roles

network-admin

Parameters

cost cost-value: Specifies a default cost for redistributed routes, in the range of 0 to 16777214.

tag tag: Specifies a tag for redistributed routes, in the range of 0 to 4294967295.

type type: Specifies a type for redistributed routes: 1 or 2.

Examples

# Set the default cost, tag, and type to 10, 100, and 2 for redistributed external routes.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] default cost 10 tag 100 type 2

Related commands

import-route

default-cost (OSPF area view)

Use default-cost to set a cost for the default route advertised to the stub or NSSA area.

Use undo default-cost to restore the default value.

Syntax

default-cost cost-value

undo default-cost

Default

The cost is 1.

Views

OSPF area view

OSPF IPv4 unicast topology area view

Predefined user roles

network-admin

Parameters

cost-value: Specifies a cost for the default route advertised to the Stub or NSSA area, in the range of 0 to 16777214.

Usage guidelines

This command takes effect only on the ABR of a stub area or the ABR or ASBR of an NSSA area.

Examples

# Configure Area 1 as a stub area, and set the cost of the default route advertised to the stub area to 20.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 1

[Sysname-ospf-100-area-0.0.0.1] stub

[Sysname-ospf-100-area-0.0.0.1] default-cost 20

Related commands

nssa

stub

default-route-advertise (OSPF view)

Use default-route-advertise to redistribute a default route into the OSPF routing domain.

Use undo default-route-advertise to restore the default.

Syntax

default-route-advertise [ [ always | permit-calculate-other ] | cost cost-value | route-policy route-policy-name | type type ] *

default-route-advertise [ summary cost cost-value ]

undo default-route-advertise

Default

No default route is redistributed into the OSPF routing domain.

Views

OSPF view

Predefined user roles

network-admin

Parameters

always: Redistributes a default route in a Type-5 LSA into the OSPF routing domain regardless of whether a default route exists in the routing table. If you do not specify this keyword, the router redistributes a default route only when an active default route that does not belong to the current OSPF process exists in the IP routing table.

permit-calculate-other: Enables OSPF to calculate default routes received from other routers. If you do not specify this keyword, OSPF does not calculate default routes from other routers. If the router does not redistribute any default route in a Type-5 LSA into the OSPF routing domain, the router calculates default routes from other routers. It calculates these routes regardless of whether this keyword is specified.

cost cost-value: Specifies a cost for the default route, in the range of 0 to 16777214. If you do not specify this option, the default cost specified by the default-cost command applies.

route-policy route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters. When the routing policy is matched and one of the following conditions is met, the command redistributes a default route in a Type-5 LSA into the OSPF routing domain:

·     A default route exists in the routing table.

·     The always keyword is specified.

The routing policy modifies values in the Type-5 LSA.

type type: Specifies a type for the Type-5 LSA: 1 or 2. If you do not specify this option, the default type for the Type-5 LSA specified by the default type command applies.

summary: Advertises the specified default route in a Type-3 LSA. This keyword is available only for VPNs.

Usage guidelines

This command redistributes a default route in a Type-5 LSA, which cannot be redistributed with the import-route command. If the local routing table has no default route, you must specify the always keyword for the command.

The default-route-advertise summary cost command is applicable only to VPNs. It enables a PE router to redistribute a default external route in a Type-3 LSA to CE routers.

Examples

# Redistribute a default route into the OSPF routing domain, regardless of whether the default route exists in the local routing table.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] default-route-advertise always

Related commands

default

import-route

description (OSPF/OSPF area view)

Use description to configure a description for an OSPF process or area.

Use undo description to restore the default.

Syntax

description text

undo description

Default

No description is configured for an OSPF process or area.

Views

OSPF view

OSPF area view

Predefined user roles

network-admin

Parameters

text: Specifies a description, a case-sensitive string of 1 to 80 characters.

Usage guidelines

The description specified by this command is used to identify an OSPF process or area.

Examples

# Describe OSPF process 100 as abc.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] description abc

# Describe OSPF Area 0 as bone area.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 0

[Sysname-ospf-100-area-0.0.0.0] description bone area

discard-route

Use discard-route to configure discard routes for summary networks.

Use undo discard-route to restore the default.

Syntax

discard-route { external { preference | suppression } | internal { preference | suppression } } *

undo discard-route [ external | internal ] *

Default

A device generates discard routes with preference 255 for summary networks.

Views

OSPF view

Predefined user roles

network-admin

Parameters

external: Specifies discard routes for redistributed summary networks on the ASBR. These discard routes are external discard routes.

preference: Specifies a preference for external discard routes, in the range of 1 to 255.

suppression: Disables the ASBR from generating external discard routes for summary networks.

internal: Specifies discard routes for summary networks on the ABR. These discard routes are internal discard routes.

preference: Specifies a preference for internal discard routes, in the range of 1 to 255.

suppression: Disables the ABR from generating internal discard routes for summary networks.

Examples

# Generate external and internal discard routes with preference 100 and 200, respectively.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] discard-route external 100 internal 200

display ospf

Use display ospf to display OSPF process information.

Syntax

display ospf [ process-id ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.

verbose: Displays detailed OSPF process information. If you do not specify this keyword, the command displays brief OSPF process information.

Examples

# Display detailed OSPF process information.

<Sysname> display ospf verbose

 

          OSPF Process 1 with Router ID 192.168.1.2

                  OSPF Protocol Information

 

 RouterID: 192.168.1.2      Router type:  NSSA

 Route tag: 0

 Multi-VPN-Instance is not enabled

 Ext-community type: domain ID 0x105, route type 0x8000, router ID 0x8001

 Domain ID: 0.0.0.0:23

 Opaque capable

 Originating router-LSAs with maximum metric

    Condition: On startup for 600 seconds, State: Inactive

    Advertise stub links with maximum metric in router-LSAs

    Advertise summary-LSAs with metric 16711680

    Advertise external-LSAs with metric 16711680

 ISPF is enabled

 SPF-schedule-interval: 5 50 200

 LSA generation interval: 5

 LSA arrival interval: 1000

 Transmit pacing: Interval: 20 Count: 3

 Default ASE parameters: Metric: 1 Tag: 1 Type: 2

 Route preference: 10

 ASE route preference: 150

 SPF computation count: 22

 RFC 1583 compatible

 Graceful restart interval: 120

 SNMP trap rate limit interval: 2  Count: 300

 This process is currently bound to MIB

 Area count: 1   NSSA area count: 1

 Normal areas with up interfaces: 0

 NSSA areas with up interfaces: 1

 Up interfaces: 1

 ExChange/Loading neighbors: 0

 Full neighbors:3

 Area0 full neighbors: 1

 Calculation trigger type: Full

 Current calculation type: SPF calculation

 Current calculation phase: Calculation area topology

 Process reset state: N/A

 Current reset type: N/A

 Next reset type: N/A

 Reset prepare message replied: -/-/-/-

 Reset process message replied: -/-/-/-

 Reset phase of module:

   M-N/A, P-N/A, L-N/A, C-N/A, R-N/A

 

 

 Area: 0.0.0.1          (MPLS TE not enabled)

 Authtype: None    Area flag: NSSA

 7/5 translator state: Disabled

 7/5 translate stability timer interval: 0

 SPF scheduled count: 5

 ExChange/Loading neighbors: 0

 Up interfaces: 1

 

 Interface: 192.168.1.2 (Vlan-interface10)

 Cost: 1       State: DR        Type: Broadcast    MTU: 1500

 Priority: 1

 Designated router: 192.168.1.2

 Backup designated router: 192.168.1.1

 Timers: Hello 10 , Dead 40 , Poll  40 , Retransmit 5 , Transmit Delay 1

 FRR backup: Enabled

 Enabled by network configuration

 Packet size: 1000

Table 1 Command output

Field

Description

OSPF Process 1 with Router ID 192.168.1.2

OSPF process ID and OSPF router ID.

RouterID

Router ID.

Router type

Router type:

·     ABR.

·     ASBR.

·     NSSA.

·     Null.

Route tag

Tag of redistributed routes.

Multi-VPN-Instance is not enabled

The OSPF process does not support multi-VPN-instance.

Ext-community type

OSPF extended community attribute type codes:

·     Domain ID—Domain ID code.

·     Route Type—Router type code.

·     Router ID—Router ID code.

Domain ID

OSPF domain ID (primary ID).

Opaque capable

Opaque LSA advertisement and reception capability is enabled.

Originating router-LSAs with maximum metric

The maximum cost value for router LSAs (excluding stub links) is used.

Condition

Status of the stub router:

·     Always.

·     On startup while BGP is converging.

·     On startup while BGP is converging for xxx seconds, where xxx is specified by the user.

·     On startup for xxx seconds, where xxx is specified by the user.

State

Whether the stub router is active.

SPF-schedule-interval

Interval for SPF calculations.

LSA generation interval

LSA generation interval.

LSA arrival interval

LSA arrival interval.

Transmit pacing

LSU packet transmit rate of the interface:

·     Interval—LSU transmit interval of the interface.

·     Count—Maximum number of LSU packets sent at each interval.

Default ASE parameters

Default ASE parameters: Metric, Tag, and Type.

Route preference

Internal route preference.

ASE route preference

External route preference.

SPF computation count

SPF computation count of the OSPF process.

RFC1583 compatible

Compatible with RFC 1583.

Graceful restart interval

GR interval.

SNMP trap rate limit interval

SNMP notification sending interval.

Count

Number of sent SNMP notifications.

ExChange/Loading neighbors

Neighbors in ExChange/Loading state.

Full neighbors

Neighbors in Full state.

Area0 full neighbors

Neighbors in Full state in the backbone area.

Calculation trigger type

Route calculation trigger type:

·     Full—Calculation of all routes is triggered.

·     Area topology change—Topology change in an area.

·     Intra router change—Incremental intra-area route change.

·     ASBR change—Incremental ASBR route change.

·     7to5 translator—Type-7-to-Type-5 LSA translator role change.

·     Full IP prefix—Calculation of all IP prefixes is triggered.

·     Full intra AS—Calculation of all intra-AS prefixes is triggered.

·     Inc intra AS—Calculation of incremental intra-AS prefixes is triggered.

·     Full inter AS—Calculation of all AS-external prefixes is triggered.

·     Inc inter AS—Calculation of incremental AS-external prefixes is triggered.

·     N/A—Route calculation is not triggered.

Current calculation type

Current route calculation type:

·     SPF calculation.

·     Intra router calculation—Intra-area route calculation.

·     ASBR calculation—Inter-area ASBR route calculation.

·     Inc intra router—Incremental intra-area route calculation.

·     Inc ASBR calculation—Incremental inter-area ASBR route calculation.

·     7to5 translator—Type-7-to-Type-5 LSA calculation.

·     Full intra AS—Calculation of all intra-AS prefixes.

·     Inc intra AS—Calculation of incremental intra-AS prefixes.

·     Full inter AS—Calculation of all AS-external prefixes.

·     Inc inter AS—Calculation of incremental AS-external prefixes.

·     Forward address—Forwarding address calculation.

·     N/A—Route calculation is not triggered.

Current calculation phase

Current route calculation phase:

·     Calculation area topology—Calculating area topology.

·     Calculation router—Calculating routes on routers.

·     Calculation intra AS—Calculating intra-AS routes.

·     7to5 translator—Calculating Type-7-to-Type-5 LSAs.

·     Forward address—Calculating forwarding addresses.

·     Calculation inter AS—Calculating AS-external routes.

·     Calculation end—Ending phase of calculation.

·     N/A—Route calculation is not triggered.

Process reset state

Process reset state:

·     N/A—The process is not reset.

·     Under reset—The process is in the reset progress.

·     Under RIB smooth—The process is synchronizing the RIB.

Current reset type

Current process reset type:

·     N/A—The process is not reset.

·     Normal—Normal reset.

·     GR quit—Normal reset when GR quits abnormally.

·     Delete—Delete OSPF process.

·     VPN delete—Delete VPN.

Next reset type

Next process reset type:

·     N/A—The process is not reset.

·     Normal—Normal reset.

·     GR quit—Normal reset when GR quits abnormally.

·     Delete—Delete OSPF process.

Reset prepare message replied

Modules that reply reset prepare messages:

·     P—Neighbor maintenance module.

·     L—LSDB synchronization module.

·     C—Route calculation module.

·     R—Route redistribution module.

Reset process message replied

Modules that reply reset process messages:

·     P—Neighbor maintenance module.

·     L—LSDB synchronization module.

·     C—Route calculation module.

·     R—Route redistribution module.

Reset phase of module

Reset phase of each module:

·     Main control module:

¡     N/ANot reset.

¡     Delete area.

¡     Delete process.

·     Neighbor maintenance (P) module:

¡     N/A—Not reset.

¡     Delete neighbor.

¡     Delete interface.

¡     Delete vlink—Delete virtual link.

·     LSDB synchronization (L) module:

¡     N/A—Not reset.

¡     Stop timer.

¡     Delete ASE—Delete all ASE LSAs.

¡     Delete ASE maps—Delete ASE LSA maps.

¡     Clear process data.

¡     Delete area LSA—Delete LSAs and maps from an area.

¡     Delete area interface—Delete interfaces from an area.

¡     Delete process—Delete process-related resources.

¡     Restart—Restart process-related resources.

·     Route calculation (C) module:

¡     N/A—Not reset.

¡     Delete topology—Delete area topology.

¡     Delete router—Delete routes of routers.

¡     Delete intra AS—Delete intra-AS routes

¡     Delete inter AS—Delete AS-external routes.

¡     Delete forward address—Delete forwarding address list.

¡     Delete advertise—Delete advertising router list.

·     Route redistribution (R) module:

¡     N/A—Not reset.

¡     Delete ABR summary—Delete summary routes of the ABR.

¡     Delete ASBR summary—Delete summary routes of the ASBR.

¡     Delete import—Delete redistributed routes.

Area

Area ID in the IP address format.

MPLS TE not enabled

Status of MPLS TE for the OSPF area, which can be MPLS TE not enabled or MPLS TE enabled.

Authtype

Authentication type of the area:

·     None—No authentication.

·     Simple—Simple authentication.

·     MD5—MD5 authentication.

·     Keychain—Keychain authentication.

Area flag

Type of the area:

·     Normal.

·     Stub.

·     StubNoSummary (totally stub area).

·     NSSA.

·     NSSANoSummary (totally NSSA area).

7/5 translator state

State of the translator that translates Type-7 LSAs to Type-5 LSAs:

·     Enabled—The translator is specified through commands.

·     Elected—The translator is designated through election.

·     Disabled—The device is not a translator.

7/5 translate stability timer interval

Stability interval for Type-7 LSA-to-Type-5 LSA translation.

SPF scheduled Count

SPF calculation count in the OSPF area.

Interface

Interface in the area.

Cost

Interface cost.

State

Interface state.

Type

Interface network type.

MTU

Interface MTU.

Priority

Router priority.

Timers

OSPF timers:

·     Hello—Interval for sending hello packets.

·     Dead—Interval within which the neighbor is down.

·     Poll—Interval for sending hello packets.

·     Retransmit—Interval for retransmitting LSAs.

FRR backup

Whether Loop Free Alternate (LFA) calculation is enabled on an interface.

Simple authentication enabled

Simple authentication is enabled.

Keychain authentication enabled, name is xx

Keychain authentication is enabled. The name of the keychain is xx.

MD5 authentication enabled

MD5/HMAC-MD5 authentication is enabled.

The last key is xx

The most recent MD5/HMAC-MD5 authentication key ID is xx.

The rollover is in progress, xx neighbor(s) left

Key rollover for MD5/HMAC-MD5 authentication is in progress. The number of neighbors that have not completed rollover is xx.

Packet size

Maximum length of OSPF packets that can be sent by the interface.

 

display ospf abr-asbr

Use display ospf abr-asbr to display routes to the ABR or ASBR.

Syntax

display ospf [ process-id ] abr-asbr [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays routes to the ABR and ASBR for all OSPF processes.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Usage guidelines

If you use this command on routers in a stub area, the commands displays no ASBR information.

Examples

# Display brief information about routes to the ABR or ASBR.

<Sysname> display ospf abr-asbr

 

          OSPF Process 1 with Router ID 192.168.1.2

                  Routing Table to ABR and ASBR

 

 

                Topology base (MTID 0)

 Type        Destination       Area       Cost  Nexthop         RtType

 Inter       3.3.3.3           0.0.0.0    3124  10.1.1.2        ASBR

 Intra       2.2.2.2           0.0.0.0    1562  10.1.1.2        ABR

# Display detailed information about routes to the ABR or ASBR.

<Sysname> display ospf abr-asbr verbose

 

          OSPF Process 10 with Router ID 101.1.1.11

                  Routing Table to ABR and ASBR

 

                Topology base (MTID 0)

 

 Destination: 1.1.1.1             RtType     : ASBR

 Area       : 0.0.0.1             Type       : Intra

 Nexthop    : 150.0.1.12          BkNexthop  : 0.0.0.0

 Interface  : Vlan10              BkInterface: N/A

 Cost       : 1000

Table 2 Command output

Field

Description

Type

Type of the route to the ABR or ASBR:

·     Intra—Intra-area route.

·     Inter—Inter-area route.

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

Destination

Router ID of an ABR or ASBR.

Area

ID of the area of the next hop.

Cost

Cost from the router to the ABR or ASBR.

Nexthop

Next hop address.

BkNexthop

Backup next hop address.

RtType

Router type: ABR or ASBR.

Interface

Output interface.

BkInterface

Backup output interface.

 

display ospf abr-summary

Use display ospf abr-summary to display ABR summary route information.

Syntax

display ospf [ process-id ] [ area area-id ] abr-summary [ ip-address { mask-length | mask } ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about ABR summary routes for all OSPF processes.

area area-id: Specifies an OSPF area by its ID. The area ID is an IP address or a decimal integer in the range of 0 to 4294967295 that is translated into the IP address format. If you do not specify this option, the command displays information about ABR summary routes for all OSPF areas.

ip-address: Specifies a summary route by its IP address.

mask-length: Specifies the mask length in the range of 0 to 32.

mask: Specifies the mask in dotted decimal notation.

verbose: Displays detailed ABR summary route information. If you do not specify this keyword, the command displays brief ABR summary route information.

Usage guidelines

If you do not specify an IP address, this command displays information about all summary routes on the ABR.

Examples

# Display brief information about summary routes on the ABR.

<Sysname> display ospf abr-summary

 

          OSPF Process 1 with Router ID 2.2.2.2

                  ABR Summary Addresses

 

                Topology base (MTID 0)

                         Area: 0.0.0.1

 Total summary address count: 1

 Net             Mask            Status        Count      Cost

 100.0.0.0       255.0.0.0       Advertise     1          (Not Configured)

Table 3 Command output

Field

Description

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

Area

Area to which the summary routes belong.

Total summary address count

Total number of summary routes.

Net

Address of the summary route.

Mask

Mask of the summary route address.

Status

Advertisement status of the summary route: Advertise or Non-Advertise.

Count

Number of summarized routes.

Cost

Cost of the summary route.

 

# Display detailed information about summary routes on the ABR.

<Sysname> display ospf abr-summary verbose

 

          OSPF Process 1 with Router ID 2.2.2.2

                  ABR Summary Addresses

 

                Topology base (MTID 0)

                         Area: 0.0.0.1

 Total summary address count: 1

 

 Net         : 100.0.0.0

 Mask        : 255.0.0.0

 Status      : Advertise

 Cost        : (Not Configured)

 Routes count: 1

   Destination            NetMask                 Metric

   100.1.1.0              255.255.255.0           1000

Table 4 Command output

Field

Description

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

Destination

Destination address of a summarized route.

NetMask

Network mask of a summarized route.

Metric

Metric of a summarized route.

 

display ospf asbr-summary

Use display ospf asbr-summary to display ASBR summary route information.

Syntax

display ospf [ process-id ] asbr-summary [ ip-address { mask-length | mask } ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about ASBR summary routes for all OSPF processes.

ip-address: Specifies an IP address in dotted decimal notation.

mask-length: Specifies the mask length in the range of 0 to 32.

mask: Specifies the mask in dotted decimal notation.

Usage guidelines

If you do not specify an IP address, this command displays information about all ASBR summary routes.

Examples

# Display ASBR summary route information in OSPF process 1.

<Sysname> display ospf 1 asbr-summary

 

          OSPF Process 1 with Router ID 2.2.2.2

                  Summary Addresses

 

 

                Topology base (MTID 0)

 Total summary address count: 1

 

                  Summary Address

 

 Net         : 30.1.0.0

 Mask        : 255.255.0.0

 Tag         : 20

 Status      : Advertise

 Cost        : 10 (Configured)

 Route count : 2

 

 Destination     Net mask        Proto      Process   Type     Metric

 

 30.1.2.0        255.255.255.0   OSPF       2         2        1

 30.1.1.0        255.255.255.0   OSPF       2         2        1

Table 5 Command output

Field

Description

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

Total summary address count

Total number of summary routes.

Net

Address of the summary route.

Mask

Mask of the summary route address.

Tag

Tag of the summary route.

Status

Advertisement status of the summary route.

Cost

Cost of the summary route.

Route count

Number of summarized routes.

Destination

Destination address of a summarized route.

Net mask

Network mask of a summarized route.

Proto

Routing protocol from which the route was redistributed.

Process

Process ID of the routing protocol from which the route was redistributed.

Type

Type of a summarized route.

Metric

Metric of a summarized route.

 

display ospf event-log

Use display ospf event-log to display OSPF log information.

Syntax

display ospf [ process-id ] event-log { lsa-flush | peer | spf }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays OSPF log information for all processes.

lsa-flush: Specifies LSA aging log information.

peer: Specifies neighbor log information.

spf: Specifies route calculation log information.

Usage guidelines

Route calculation logs show the number of routes newly installed in the IP routing table.

Neighbor logs include information about the following events:

·     The OSPF neighbor state goes down.

·     The OSPF neighbor state goes backward because the local end receives BadLSReq, SeqNumberMismatch, and 1-Way events.

Examples

# Display OSPF LSA aging log information for all processes.

<Sysname> display ospf event-log lsa-flush

 

          OSPF Process 1 with Router ID 1.1.1.1

                  LSA Flush Log

 

 Date: 2013-09-22 Time: 14:47:33 Received MaxAge LSA from 10.1.1.1

 Type: 1   LS ID: 2.2.2.2         AdvRtr: 2.2.2.2           Seq#: 80000001

 

 Date: 2013-09-22 Time: 14:47:33 Flushed MaxAge LSA by the self

 Type: 1   LS ID: 1.1.1.1         AdvRtr: 1.1.1.1           Seq#: 80000001

 

 Date: 2013-09-22 Time: 14:47:33 Received MaxAge LSA from 10.1.2.2

 Type: 1   LS ID: 2.2.2.2         AdvRtr: 2.2.2.2           Seq#: 80000001

 

 Date: 2013-09-22 Time: 14:47:33 Flushed MaxAge LSA by the self

 Type: 1   LS ID: 1.1.1.1         AdvRtr: 1.1.1.1           Seq#: 80000001

Table 6 Command output

Field

Description

Date/Time

Time when the device receives an LSA that has reached the maximum age.

Received MaxAge LSA from X.X.X.X

The device received an LSA that has reached the maximum age from X.X.X.X.

Flushed MaxAge LSA by the self

The device flushed the LSA that has reached the maximum age.

Type

LSA type.

LS ID

LSA link state ID.

AdvRtr

Advertising router.

Seq#

LSA sequence number.

 

# Display OSPF route calculation log information for all processes.

<Sysname> display ospf event-log spf

 

          OSPF Process 1 with Router ID 1.1.1.2

                  SPF Log

 

                Topology base (MTID 0)

 

Date       Time     Duration   Intra Inter External Reason

2012-06-27 15:28:26 0.95       1     1     10000    Intra-area LSA

2012-06-27 15:28:23 0.2        0     0     0        Area 0 full neighbor

2012-06-27 15:28:19 0          0     0     0        Intra-area LSA

2012-06-27 15:28:19 0          0     0     0        external LSA

2012-06-27 15:28:19 0.3        0     0     0        Intra-area LSA

2012-06-27 15:28:12 0          1     0     0        Intra-area LSA

2012-06-27 15:28:11 0          0     0     0        Routing policy

2012-06-27 15:28:11 0          0     0     0        Intra-area LSA

Table 7 Command output

Field

Description

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

Date/Time

Time when the route calculation starts.

Duration

Duration of the route calculation, in seconds.

Intra

Number of intra-area routes newly installed in the IP routing table.

Inter

Number of inter-area routes newly installed in the IP routing table.

External

Number of external routes newly installed in the IP routing table.

Reason

Reasons why the route calculation is performed:

·     Intra-area LSA—Intra-area LSA changes.

·     Inter-area LSA—Inter-area LSA changes.

·     External LSA—External LSA changes.

·     Configuration—Configuration changes.

·     Area 0 full neighbor—Number of FULL-state neighbors in Area 0 changes.

·     Area 0 up interface—Number of interfaces in up state in Area 0 changes.

·     LSDB overflow state—Overflow status changes.

·     AS number—AS number changes.

·     ABR summarization—ABR summarization changes.

·     GR end—GR ends.

·     Routing policy—Routing policy changes.

·     Intra-area tunnel—Intra-area tunnel changes.

·     Others—Other reasons.

 

# Display OSPF neighbor log information for OSPF process 1.

<Sysname> display ospf 1 event-log peer

 

          OSPF Process 1 with Router ID 1.1.1.1

                  Neighbors Log

 

Date       Time     Local Address   Remote Address  Router ID       Reason

2012-12-31 12:35:45 197.168.1.1     197.168.1.2     2.2.2.2         IntPhyChange

2012-12-31 12:35:19 197.168.1.1     197.168.1.2     2.2.2.2         ConfNssaArea

2012-12-31 12:34:59 197.168.1.1     197.168.1.2     2.2.2.2         SilentInt

Table 8 Command output

Field

Description

Date/Time

Time when the neighbor state changes.

Local Address

Local address of the neighbor relationship.

Remote Address

Peer address of the neighbor relationship.

Router ID

Neighbor router ID.

Reason

Reasons for neighbor state changes:

·     ResetConnect—The connection is lost due to insufficient memory.

·     IntChange—The interface parameter has changed.

·     VlinkChange—The virtual link parameter has changed.

·     ResetOspf—The OSPF process is reset.

·     UndoOspf—The OSPF process is deleted.

·     UndoArea—The OSPF area is deleted.

·     UndoNetwork—The interface is disabled.

·     SilentInt—The interface is configured as a silent interface.

·     IntLogChange—The logical attribute of the interface has changed.

·     IntPhyChange—The physical attribute of the interface has changed.

·     IntVliChange—The virtual link attribute of the interface has changed.

·     VlinkDown—The virtual link goes down.

·     DeadExpired—The dead timer expires.

·     ConfStubArea—The interface is configured with stub area parameters.

·     ConfNssaArea—The interface is configured with NSSA area parameters.

·     AuthChange—The authentication type has changed.

·     OpaqueChange—The Opaque capability has changed.

·     Retrans—Excessive retransmissions.

·     LLSChange—The LLS capability has changed.

·     OOBChange—The OOB capability has changed.

·     GRChange—The GR capability has changed.

·     BFDDown—The interface is shut down by BFD.

·     BadLSReq—The interface receives BadLSReq events.

·     SeqMismatch—The interface receives SeqNumberMismatch events.

·     1-Way—The interface receives 1-Way events.

·     LocalNoLSA—The requested LSA does not exist.

·     SameLSAReq—The received LSA is in the local request queue.

·     OldLSAReq—The received LSA has a larger aging time than the requested LSA in the local request queue.

·     DdTimerOut—Receives a DD packet after the hello timer expires.

·     EAChange—The External Attribute bit has changed.

·     RecvNoDupPkt—Receives a non-duplicate DD packet in loading or full status.

·     EbitChange—The E bit has changed.

·     MSbitChange—The MS bit has changed.

·     IbitChange—The I bit has changed.

·     MSeqNumError—The primary router receives an unexpected serial number from the secondary router.

·     SSeqNumError—The secondary router receives an unexpected serial number from the primary router.

·     RecvOpqIntf—A DD packet that contains a type 9 LSA is received when the opaque LSA reception and advertisement capability is disabled.

·     RecvOpqArea—A DD packet that contains a type 10 LSA is received when the opaque LSA reception and advertisement capability is disabled.

·     RecvOpqAs—A DD packet that contains a type 11 LSA is received when the opaque LSA reception and advertisement capability is disabled.

·     RecvNSSA—A DD packet that contains a type 7 LSA is received in a non-NSSA area.

·     InvalidLSA—A DD packet that contains an invalid LSA is received.

·     RecvASE—A DD packet that contains a type 5 LSA is received on a virtual link or in a stub area.

 

Related commands

reset ospf event-log

display ospf fast-reroute lfa-candidate

Use display ospf fast-reroute lfa-candidate to display OSPF FRR backup next hop information.

Syntax

display ospf [ process-id ] [ area area-id ] fast-reroute lfa-candidate

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays FRR backup next hop information for all processes.

area area-id: Specifies an OSPF area by its ID. The area ID is an IP address or a decimal integer in the range of 0 to 4294967295 that is translated into the IP address format. If you do not specify this option, the command displays FRR backup next hop information for all OSPF areas.

Examples

# Display OSPF FRR backup next hop information.

<Sysname> display ospf 1 area 0 fast-reroute lfa-candidate

 

          OSPF Process 1 with Router ID 2.2.2.2

                  LFA Candidate List

 

                Topology base (MTID 0)

 

 Area: 0.0.0.0

 Candidate nexthop count: 2

 NextHop          IntIP            Interface

 10.0.1.1         10.0.1.2         Vlan10

 10.0.11.1        10.0.11.2        Vlan20

Table 9 Command output

Field

Description

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

Area

Area to which the backup next hops belong.

Candidate nexthop count

Number of backup next hops.

NextHop

Backup next hop address.

IntIP

IP address of the output interface.

Interface

Output interface.

 

display ospf graceful-restart

Use display ospf graceful-restart to display GR information.

Syntax

display ospf [ process-id ] graceful-restart [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays GR information for all processes.

verbose: Displays detailed GR information. If you do not specify this keyword, the command displays brief GR information.

Examples

# Display detailed GR information.

<Sysname> display ospf graceful-restart verbose

 

          OSPF Process 1 with Router ID 1.1.1.1

              Graceful Restart information

 

Graceful Restart capability     : Enable(IETF)

Graceful Restart support        : Planned and unplanned,Partial

Helper capability               : Enable(IETF)

Helper support                  : Planned and unplanned(IETF),Strict LSA check

Current GR state                : Normal

Graceful Restart period         : 40 seconds

Number of neighbors under Helper: 0

Number of restarting neighbors  : 0

Last exit reason:

  Restarter  : None

  Helper     : None

 

Area: 0.0.0.0

Authtype: None Area flag: Normal

Area up Interface count: 2

 

Interface: 40.4.0.1 (Vlan-interface40)

Restarter state: Normal  State: P-2-P     Type: PTP

Last exit reason:

  Restarter  : None

  Helper     : None

Neighbor count of this interface: 1

Number of neighbors under Helper: 0

Neighbor        IP address      GR state     Last Helper exit reason

3.3.3.3         40.4.0.3        Normal       None

 

Virtual-link Neighbor-ID  -> 4.4.4.4, Neighbor-State: Full

Restarter state: Normal

Interface: 20.2.0.1 (Vlink)

Transit Area: 0.0.0.1

Last exit reason:

  Restarter  : None

  Helper     : None

Neighbor        IP address      GR state     Last Helper exit reason

4.4.4.4         20.2.0.4        Normal       Reset neighbor

Table 10 Command output

Field

Description

OSPF Process 1 with Router ID 1.1.1.1

Graceful Restart information

GR information for OSPF process 1 with router ID 1.1.1.1.

Graceful Restart capability

Whether GR is enabled:

·     Enable(IETF)—IETF GR is enabled.

·     Enable(Nonstandard)—Non-IETF GR is enabled.

·     Disable—GR is disabled.

Graceful Restart support

GR modes that the process supports (displayed only when GR is enabled):

·     Planned and unplanned—Supports both planned and unplanned GR.

·     Planned only—Supports only planned GR.

·     Partial—Supports partial GR.

·     Global—Supports global GR.

Helper capability

Helper capability that the process supports:

·     Enable(IETF)—Supports IETF GR helper capability.

·     Enable(Nonstandard)—Supports non-IETF GR helper capability.

·     Enable(IETF and nonstandard)—Supports both IETF GR helper capability and non-IETF GR helper capability.

·     Disable—Does not support GR helper capability.

Helper support

Policies that the helper supports (displayed only when GR helper is enabled):

·     Strict lsa check—The helper supports strict LSA checking.

·     Planned and unplanned—The helper supports planned and unplanned GR.

·     Planned only—The helper supports only planned GR.

Current GR state

GR state:

·     Normal—GR is not in progress or has completed.

·     Under GR—GR is in process.

·     Under Helper—The process is acting as GR helper.

Last exit reason

Last exit reason:

·     Restarter—Reason that the restarter exited most recently.

·     Helper—Reason that the helper exited most recently.

Area

Area ID in IP address format.

Authtype

Authentication type of the area:

·     None—No authentication.

·     Simple—Simple authentication.

·     MD5—MD5 authentication.

·     Keychain—Keychain authentication.

Area flag

Type of the area:

·     Normal.

·     Stub.

·     StubNoSummary (totally stub area).

·     NSSA.

·     NSSANoSummary (totally NSSA area).

Area up Interface count

Number of up interfaces in the area.

Interface

Interface in the area.

Restarter state

Restarter state on the interface.

State

Interface state.

Type

Interface network type.

Neighbor count of this interface

Neighbors of an interface.

Neighbor

Neighbor router ID.

IP address

Neighbor IP address.

GR state

Neighbor GR state:

·     Normal—GR is not in progress or has completed.

·     Under GR—GR is in process.

·     Under Helper—The process is acting as GR helper.

Last Helper exit reason

Reason that the helper exited most recently.

Virtual-link Neighbor-ID

Router ID of the virtual link's neighbor.

Neighbor-State

Neighbor state: Down, Init, 2-Way, ExStart, Exchange, Loading, and Full.

Interface

Output interface of the virtual link.

 

display ospf interface

Use display ospf interface to display OSPF interface information.

Syntax

display ospf [ process-id ] interface [ interface-type interface-number | verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays the OSPF interface information for all OSPF processes.

interface-type interface-number: Specifies an interface by its type and number.

verbose: Displays detailed OSPF information for all interfaces.

Usage guidelines

If you do not specify the interface-type interface-number argument or the verbose keyword, this command displays OSPF brief information for all interfaces.

Examples

# Display all OSPF interface brief information.

<Sysname> display ospf interface

 

          OSPF Process 1 with Router ID 192.168.1.1

                  Interfaces

 

 Area: 0.0.0.0

 IP Address      Type         State    Cost  Pri   DR              BDR

 192.168.1.1     PTP          P-2-P    1562  1     0.0.0.0         0.0.0.0

 

 Area: 0.0.0.1

 IP Address      Type         State    Cost  Pri   DR              BDR

 172.16.0.1      Broadcast    DR       1     1     172.16.0.1      0.0.0.0

Table 11 Command output

Field

Description

Area

Area ID of the interface.

IP Address

Interface IP address (regardless of whether TE is enabled or not).

Type

Interface network type: PTP (P2P), PTMP (P2MP), Broadcast, or NBMA.

State

Interface state:

·     Down—No protocol traffic can be sent or received on the interface.

·     Loopback—The interface is in loopback state and it cannot forward traffic.

·     Waiting—The interface starts sending and receiving Hello packets. The router is trying to determine the identity of the (Backup) designated router for the network.

·     P-2-P—The interface will send Hello packets at the hello interval, and try to establish an adjacency with the neighbor.

·     DR—The router is the designated router on the network.

·     BDR—The router is the backup designated router on the network.

·     DROther—The router is a DR Other router on the attached network.

Cost

Interface cost.

Pri

Router priority.

DR

DR on the interface's network segment.

BDR

BDR on the interface's network segment.

 

# Display detailed information about VLAN-interface 10.

<Sysname> display ospf interface vlan-interface 10

 

 

          OSPF Process 1 with Router ID 192.168.1.1

                  Interfaces

 

 Area: 0.0.0.0

 

 Interface: 172.16.0.1 (Vlan-interface10)

 Cost: 1       State: DR        Type: Broadcast    MTU: 1500

 Priority: 1

 Designated router: 172.16.0.1

 Backup designated router: 0.0.0.0

 Timers: Hello 10, Dead 40, Poll  40, Retransmit 5, Transmit Delay 1

 FRR backup: Enabled

 Primary path detection mode: BFD ctrl

 Enabled by interface configuration (including secondary IP addresses)

 BFD: echo

 MD5 authentication enabled.

    The last key is 3.

    The rollover is in progress, 2 neighbor(s) left.

 LDP state: No-LDP

 LDP sync state: Achieved

 Packet size: 1000

Table 12 Command output

Field

Description

Interface

Information about the interface, such as the IP address.

Timers

OSPF timers (in seconds): Hello, Dead, Poll, and Retransmit.

Transmit Delay

LSA transmission delay on the interface, in seconds.

FRR backup

Whether LFA calculation is enabled on an interface.

Primary path detection mode

Primary link detection mode:

·     BFD ctrl—BFD control packet mode.

·     BFD echo—BFD echo packet mode.

Enabled by interface configuration (including secondary IP addresses)

OSPF is enabled on the interface (including secondary IP addresses).

BFD

BFD session mode enabled on the interface:

·     ctrl—BFD control packet mode.

·     echo—BFD echo packet mode.

Simple authentication enabled

Simple authentication is enabled.

Keychain authentication enabled, name is xx

Keychain authentication is enabled. The name of the keychain is xx.

MD5 authentication enabled

MD5/HMAC-MD5 authentication is enabled.

The last key is xx

The most recent MD5/HMAC-MD5 authentication key ID is xx.

The rollover is in progress, xx neighbor(s) left.

Key rollover for MD5/HMAC-MD5 authentication is in progress. The number of neighbors that have not completed rollover is xx.

LDP state

LDP state:

·     Init—Initialization state. LDP has not been delivered.

·     No-LDP—LDP is not configured.

·     Not ready—LDP sessions have not been established.

·     Ready—LDP sessions have been established.

LDP sync state

LDP IGP synchronization state:

·     Init—Initialization state.

·     Achieved—LDP has been synchronized.

·     Max cost—OSPF advertises the maximum cost in LSAs.

Packet size

Maximum length of OSPF packets that can be sent by the interface.

 

display ospf lsdb

Use display ospf lsdb to display OSPF LSDB information.

Syntax

display ospf [ process-id ] lsdb [ brief | originate-router advertising-router-id | self-originate ]

display ospf [ process-id ] lsdb { ase | opaque-as } [link-state-id ] [ originate-router advertising-router-id | self-originate ]

display ospf [ process-id ] lsdb { asbr | network | nssa | opaque-area | opaque-link | router | summary } [link-state-id ] [originate-router advertising-router-id | self-originate ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays LSDB information for all OSPF processes.

area area-id: Specifies an OSPF area by its ID. The area ID is an IP address or a decimal integer in the range of 0 to 4294967295 that is translated into the IP address format. If you do not specify this option, the command displays LSDB information for all OSPF areas.

brief: Displays brief LSDB information.

asbr: Displays Type-4 LSA (ASBR Summary LSA) information in the LSDB.

ase: Displays Type-5 LSA (AS External LSA) information in the LSDB.

network: Displays Type-2 LSA (Network LSA) information in the LSDB.

nssa: Displays Type-7 LSA (NSSA External LSA) information in the LSDB.

opaque-area: Displays Type-10 LSA (Opaque-area LSA) information in the LSDB.

opaque-as: Displays Type-11 LSA (Opaque-AS LSA) information in the LSDB.

opaque-link: Displays Type-9 LSA (Opaque-link LSA) information in the LSDB.

router: Displays Type-1 LSA (Router LSA) information in the LSDB.

summary: Displays Type-3 LSA (Network Summary LSA) information in the LSDB.

link-state-id: Specifies a link state ID in the IP address format.

originate-router advertising-router-id: Specifies an advertising router by its ID.

self-originate: Displays information about self-originated LSAs.

Examples

# Display OSPF LSDB information.

<Sysname> display ospf lsdb

         OSPF Process 1 with Router ID 192.168.0.1

                 Link State Database

 

                         Area: 0.0.0.0

 Type      LinkState ID    AdvRouter          Age  Len   Sequence   Metric

 Router    192.168.0.2     192.168.0.2        474  36    80000004   0

 Router    192.168.0.1     192.168.0.1        21   36    80000009   0

 Network   192.168.0.1     192.168.0.1        321  32    80000003   0

 Sum-Net   192.168.1.0     192.168.0.1        321  28    80000002   1

 Sum-Net   192.168.2.0     192.168.0.2        474  28    80000002   1

                         Area: 0.0.0.1

 Type      LinkState ID    AdvRouter          Age  Len   Sequence   Metric

 Router    192.168.0.1     192.168.0.1        21   36    80000005   0

 Sum-Net   192.168.2.0     192.168.0.1        321  28    80000002   2

 Sum-Net   192.168.0.0     192.168.0.1        321  28    80000002   1

                         Type 9 Opaque (Link-Local Scope) Database

 Flags: * -Vlink interface LSA

 Type      LinkState ID    AdvRouter          Age  Len   Sequence   Interfaces

*Opq-Link  3.0.0.0         7.2.2.1            8    14    80000001   10.1.1.2

*Opq-Link  3.0.0.0         7.2.2.2            8    14    80000001   20.1.1.2

Table 13 Command output

Field

Description

Area

LSDB information for the area.

Type

LSA type.

LinkState ID

Link state ID.

AdvRouter

Advertising router.

Age

Age of the LSA.

Len

Length of the LSA.

Sequence

Sequence number of the LSA.

Metric

Cost of the LSA.

*Opq-Link

Opaque LSA generated by a virtual link.

 

# Display Type-2 LSA (Network LSA) information in the LSDB.

<Sysname> display ospf 1 lsdb network

 

          OSPF Process 1 with Router ID 192.168.1.1

                  Link State Database

 

                          Area: 0.0.0.0

 

    Type      : Network

    LS ID     : 192.168.0.2

    Adv Rtr   : 192.168.2.1

    LS age    : 922

    Len       : 32

    Options   :  E

    Seq#      : 80000003

    Checksum    : 0x8d1b

    Net mask  : 255.255.255.0

       Attached router    192.168.1.1

       Attached router    192.168.2.1

 

                          Area: 0.0.0.1

 

    Type      : Network

    LS ID     : 192.168.1.2

    Adv Rtr   : 192.168.1.2

    LS age    : 782

    Len       : 32

    Options   :  NP

    Seq#      : 80000003

    Checksum    : 0x2a77

    Net mask  : 255.255.255.0

       Attached router    192.168.1.1

       Attached router    192.168.1.2

Table 14 Command output

Field

Description

Type

LSA type.

LS ID

DR IP address.

Adv Rtr

Router that advertised the LSA.

LS age

LSA age time.

Len

LSA length.

Options

LSA options:

·     O—Opaque LSA advertisement capability.

·     E—AS External LSA reception capability.

·     EA—External extended LSA reception capability.

·     DC—On-demand link support.

·     N—NSSA external LSA support.

·     P—Capability of an NSSA ABR to translate Type-7 LSAs into Type-5 LSAs.

Seq#

LSA sequence number.

Checksum

LSA checksum.

Net mask

Network mask.

Attached router

ID of the router that established adjacency with the DR, and ID of the DR itself.

 

display ospf nexthop

Use display ospf nexthop to display OSPF next hop information.

Syntax

display ospf [ process-id ] nexthop

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays next hop information for all OSPF processes.

Examples

# Display OSPF next hop information.

<Sysname> display ospf nexthop

 

          OSPF Process 1 with Router ID 1.1.1.2

                  Neighbor Nexthop Information

 

 NbrID           Nexthop         Interface                RefCount   Status

 192.168.12.1    0.0.0.0         Vlan10                   4          Valid

 192.168.12.2    192.168.12.2    Vlan10                   3          Valid

 192.168.12.1    0.0.0.0         Loop100                  1          Valid

Table 15 Command output

Field

Description

NbrID

Neighbor router ID.

Nexthop

Next hop address.

Interface

Output interface.

RefCount

Reference count (routes that use the next hop).

Status

Next hop status: valid or invalid.

 

display ospf non-stop-routing status

Use display ospf non-stop-routing status to display OSPF NSR information.

Syntax

display ospf [ process-id ] non-stop-routing status

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays OSPF NSR information for all OSPF processes.

Examples

# Display OSPF NSR information.

<Sysname> display ospf non-stop-routing status

 

                   OSPF Process 1 with Router ID 192.168.33.12

                          Non Stop Routing information

 

Non Stop Routing capability : Enabled

Upgrade phase : Normal

Table 16 Command output

Field

Description

Non Stop Routing capability

NSR status: enabled or disabled.

Upgrade phase

Upgrade phase:

·     Prepare—Upgrade preparation phase.

·     Restore Smooth—Upgrade phase.

·     Preroute—Route pre-calculation phase.

·     Calculating—Route calculation phase.

·     Redisting—Route redistribution phase.

·     Original and age—LSA generation and aging phase.

·     Normal—Normal status.

 

display ospf peer

Use display ospf peer to display information about OSPF neighbors.

Syntax

display ospf [ process-id ] peer [ verbose ] [ interface-type interface-number ] [ neighbor-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by ID in the range of 1 to 65535. If you do not specify this argument, the command displays OSPF neighbor information for all OSPF processes.

verbose: Displays detailed neighbor information. If you do not specify this keyword, the command displays brief OSPF neighbor information.

interface-type interface-number: Specifies an interface by its type and number. If you do not specify this argument, the command displays neighbor information for all interfaces.

neighbor-id: Specifies a neighbor router ID. If you do not specify this argument, the command displays all neighbor information.

Examples

# Display detailed OSPF neighbor information.

<Sysname> display ospf peer verbose

 

          OSPF Process 1 with Router ID 1.1.1.1

                  Neighbors

 

 Area 0.0.0.0 interface 1.1.1.1(Vlan-interface100)'s neighbors

 Router ID: 1.1.1.2          Address: 1.1.1.2          GR state: Normal

   State: Full  Mode: Nbr is master  Priority: 1

   DR: 1.1.1.2  BDR: 1.1.1.1  MTU: 0

   Options is 0x02 (-|-|-|-|-|-|E|-)

   Dead timer due in 33  sec

   Neighbor is up for 02:03:35

   Authentication sequence: [ 0 ]

   Neighbor state change count: 6

   BFD status: Disabled

 

 

 Last Neighbor Down Event:

 Router ID: 22.22.22.22

 Local Address: 11.11.11.11

 Remote Address: 22.22.22.22

 Time: Apr  9 03:18:19 2014

 Reason: Ospf_ifachange

Table 17 Command output

Field

Description

Area areaID interface IPAddress(InterfaceName)'s neighbors

Neighbor information for the interface in the specified area:

·     areaID—Area to which the neighbor belongs.

·     IPAddress—Interface IP address.

·     InterfaceName—Interface name.

Router ID

Neighbor router ID.

Address

Neighbor router address.

GR state

GR state:

·     Normal.

·     Restarter.

·     Complete.

·     Helper.

State

Neighbor state:

·     Down—Initial state of a neighbor conversation.

·     Init—The router has received a Hello packet from the neighbor. However, the router has not established bidirectional communication with the neighbor. The router did not appear in the neighbor's hello packet.

·     Attempt—Available only in an NBMA network. In this state, the OSPF router has not received any information from a neighbor for a period. The router can send Hello packets at a longer interval to keep the neighbor relationship.

·     2-Way—Communication between the two routers is bidirectional. The local router appears in the neighbor's Hello packet.

·     Exstart—The goal of this state is to decide which router is the master, and to decide upon the initial Database Description (DD) sequence number.

·     Exchange—The router is sending DD packets to the neighbor, describing its entire link-state database.

·     Loading—The router sends LSRs packets to the neighbor, requesting more recent LSAs.

·     Full—The neighboring routers are fully adjacent.

Mode

Neighbor mode for LSDB synchronization.

Priority

Neighboring router priority.

DR

DR on the interface's network segment.

BDR

BDR on the interface's network segment.

MTU

Interface MTU.

Options

LSA options:

·     O—Opaque LSA advertisement capability.

·     E—AS External LSA reception capability.

·     EA—External extended LSA reception capability.

·     DC—On-demand link support.

·     N—NSSA external LSA support.

·     P—Capability of an NSSA ABR to translate Type-7 LSAs into Type-5 LSAs.

Dead timer due in 33 sec

This dead timer will expire in 33 seconds.

Neighbor is up for 02:03:35

The neighbor has been up for 02:03:35.

Authentication sequence

Authentication sequence number.

Neighbor state change count

Count of neighbor state changes.

BFD status

BFD status:

·     Disabled.

·     Enabled (Control mode).

·     Enabled (Echo mode).

Last Neighbor Down Event

The most recent neighbor down event.

Time

Time when the neighbor went down.

Reason

Reason for the neighbor down event.

 

# Display brief OSPF neighbor information.

<Sysname> display ospf peer

 

          OSPF Process 1 with Router ID 1.1.1.1

               Neighbor Brief Information

 

 Area: 0.0.0.0

 Router ID       Address         Pri Dead-Time  State             Interface

 1.1.1.2         1.1.1.2         1   40         Full/DR           Vlan10

Table 18 Command output

Field

Description

Area

Neighbor area.

Router ID

Neighbor router ID.

Address

Neighbor interface address.

Pri

Neighboring router priority.

Dead-Time

Dead interval remained.

Interface

Interface connected to the neighbor.

State

Neighbor state: Down, Init, Attempt, 2-Way, Exstart, Exchange, Loading, or Full.

 

display ospf peer statistics

Use display ospf peer statistics to display OSPF neighbor statistics.

Syntax

display ospf [ process-id ] peer statistics

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays OSPF neighbor statistics for all OSPF processes.

Examples

# Display OSPF neighbor statistics.

<Sysname> display ospf peer statistics

          OSPF Process 1 with Router ID 10.3.1.1

                    Neighbor Statistics

  Area ID         Down Attempt Init 2-Way ExStart Exchange Loading Full Total

  0.0.0.0         0    0       0    0     0       0        0       1    1

  0.0.0.2         0    0       0    0     0       0        0       1    1

  Total           0    0       0    0     0       0        0       2    2

Table 19 Command output

Field

Description

Area ID

The state statistics for all the routers in the area to which the router belongs is displayed.

Down

Number of neighboring routers in Down state in the same area.

Attempt

Number of neighboring routers in Attempt state in the same area.

Init

Number of neighboring routers in Init state in the same area.

2-Way

Number of neighboring routers in 2-Way state in the same area.

ExStart

Number of neighboring routers in ExStart state in the same area.

Exchange

Number of neighboring routers in Exchange state in the same area.

Loading

Number of neighboring routers in Loading state in the same area.

Full

Number of neighboring routers in Full state in the same area.

Total

Total number of neighbors in the same state: Down, Attempt, Init, 2-Way, ExStart, Exchange, Loading, or Full.

 

display ospf request-queue

Use display ospf request-queue to display OSPF request queue information.

Syntax

display ospf [ process-id ] request-queue [ interface-type interface-number ] [ neighbor-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays the OSPF request queue information for all OSPF processes.

interface-type interface-number: Specifies an interface by its type and number. If you do not specify this argument, the command displays the OSPF request queue information for all interfaces.

neighbor-id: Specifies a neighbor's router ID. If you do not specify this argument, the command displays the OSPF request queue information for all OSPF neighbors.

Examples

# Display OSPF request queue information.

<Sysname> display ospf request-queue

 

          OSPF Process 100 with Router ID 192.168.1.59

                  Link State Request List

 

  The Router's Neighbor is Router ID 2.2.2.2         Address 10.1.1.2

  Interface 10.1.1.1         Area 0.0.0.0

  Request list:

       Type       LinkState ID      AdvRouter         Sequence   Age

       Router     2.2.2.2           1.1.1.1           80000004   1

       Network    192.168.0.1       1.1.1.1           80000003   1

       Sum-Net    192.168.1.0       1.1.1.1           80000002   2

Table 20 Command output

Field

Description

The Router's Neighbor is Router ID

Neighbor router ID.

Address

Neighbor interface IP address.

Interface

Local interface IP address.

Area

Area ID.

Request list

Request list information.

Type

LSA type.

LinkState ID

Link state ID.

AdvRouter

Advertising router.

Sequence

LSA sequence number.

Age

LSA age.

 

display ospf retrans-queue

Use display ospf retrans-queue to display retransmission queue information.

Syntax

display ospf [ process-id ] retrans-queue [ interface-type interface-number ] [ neighbor-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays retransmission queue information for all OSPF processes.

interface-type interface-number: Specifies an interface by its type and number. If you do not specify this argument, the command displays retransmission queue information for all interfaces.

neighbor-id: Specifies a neighbor's router ID. If you do not specify this argument, the command displays retransmission queue information for all neighbors.

Examples

# Display OSPF retransmission queue information.

<Sysname> display ospf retrans-queue

 

          OSPF Process 100 with Router ID 192.168.1.59

                  Link State Retransmission List

 

  The Router's Neighbor is Router ID 2.2.2.2         Address 10.1.1.2

  Interface 10.1.1.1         Area 0.0.0.0

  Retransmit list:

       Type       LinkState ID      AdvRouter         Sequence   Age

       Router     2.2.2.2           2.2.2.2           80000004   1

       Network    12.18.0.1         2.2.2.2           80000003   1

       Sum-Net    12.18.1.0         2.2.2.2           80000002   2

Table 21 Command output

Field

Description

The Router's Neighbor is Router ID

Neighbor router ID.

Address

Neighbor interface IP address.

Interface

Interface address of the router.

Area

Area ID.

Retransmit list

Retransmission list.

Type

LSA type.

LinkState ID

Link state ID.

AdvRouter

Advertising router.

Sequence

LSA sequence number.

Age

LSA age.

 

display ospf routing

Use display ospf routing to display OSPF routing information.

Syntax

display ospf [ process-id ] routing [ ip-address { mask-length | mask } ] [ interface interface-type interface-number ] [ nexthop nexthop-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays the routing information for all OSPF processes.

ip-address: Specifies a destination IP address.

mask-length: Specifies mask length in the range of 0 to 32.

mask: Specifies the mask in dotted decimal notation.

interface interface-type interface-number: Displays routes passing the specified output interface. If you do not specify this option, the command displays OSPF routing information for all interfaces.

nexthop nexthop-address: Displays routes passing the specified next hop. If you do not specify this option, the command displays all OSPF routing information.

verbose: Displays detailed OSPF routing information. If you do not specify this keyword, the command displays brief OSPF routing information.

Examples

# Display OSPF routing information.

<Sysname> display ospf routing

 

          OSPF Process 1 with Router ID 192.168.1.2

                   Routing Table

 

                Topology base (MTID 0)

 

 Routing for network

 Destination        Cost  Type       NextHop         AdvRouter     Area

 192.168.1.0/24     1562  Stub       192.168.1.2     192.168.1.2   0.0.0.0

 172.16.0.0/16      1563  Inter      192.168.1.1     192.168.1.1   0.0.0.0

 

 Total nets: 2

 Intra area: 1  Inter area: 1  ASE: 0  NSSA: 0

Table 22 Command output

Field

Description

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

Destination

Destination network.

Cost

Cost to destination.

Type

Route type: transit, stub, inter, Type-1, and Type-2.

NextHop

Next hop address.

AdvRouter

Advertising router.

Area

Area ID.

Total nets

Total networks.

Intra area

Total intra-area routes.

Inter area

Total inter-area routes.

ASE

Total ASE routes.

NSSA

Total NSSA routes.

 

# Display detailed OSPF routing information.

<Sysname> display ospf routing verbose

 

          OSPF Process 2 with Router ID 192.168.1.112

                   Routing Table

 

                Topology base (MTID 0)

 

 Routing for network

 

 Destination: 192.168.1.0/24

    Priority: Low                     Type: Stub

   AdvRouter: 192.168.1.2             Area: 0.0.0.0

  SubProtoID: 0x1               Preference: 10

     NextHop: 192.168.1.2        BkNextHop: N/A

      IfType: Broadcast           BkIfType: N/A

   Interface: Vlan100          BkInterface: N/A

       NibID: 0x1300000c            Status: Normal

        Cost: 1562

 

 Destination: 172.16.0.0/16

    Priority: Low                     Type: Inter

   AdvRouter: 192.168.1.1             Area: 0.0.0.0

  SubProtoID: 0x1               Preference: 10

     NextHop: 192.168.1.1        BkNextHop: N/A

      IfType: Broadcast           BkIfType: N/A

   Interface: Vlan101          BkInterface: N/A

       NibID: 0x1300000c            Status: Normal

        Cost: 1563

 

 Total nets: 2

 Intra area: 2  Inter area: 0  ASE: 0  NSSA: 0

Table 23 Command output

Field

Description

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

Priority

Prefix priority: critical, high, medium, and low.

Type

Route type: intra-area, transit, stub, inter-area, Type-1 external, and Type-2 external.

AdvRouter

Advertising router.

Area

Area ID.

SubProtoID

Sub protocol ID.

Preference

OSPF route preference.

NextHop

Primary next hop IP address.

BkNextHop

Backup next hop IP address.

IfType

Type of the network to which the primary next hop belongs.

BkIfType

Type of the network to which the backup next hop belongs.

Interface

Output interface.

BkInterface

Backup output interface.

NibID

Next hop ID.

Status

Route status:

·     Local—The route is on the local end and is not sent to the route management module.

·     Invalid—The next hop is invalid.

·     Stale—The next hop is stale.

·     Normal—The route is available.

·     Delete—The route is deleted.

·     Host-Adv—The route is a host route.

·     Rely—The route is a recursive route.

Cost

Cost to destination.

 

display ospf spf-tree

Use display ospf spf-tree to display SPF tree information.

Syntax

display ospf [ process-id ] [ area area-id ] spf-tree [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify a process, this command displays SPF tree information for all OSPF processes.

area area-id: Specifies an OSPF area by its ID. The area ID is an IP address or a decimal integer in the range of 0 to 4294967295 that is translated into the IP address format. If you do not specify an area, this command displays SPF tree information for all OSPF areas.

verbose: Displays detailed SPF tree information. If you do not specify this keyword, the command displays brief SPF tree information.

Examples

# Display brief SPF tree information for Area 0 in OSPF process 1.

<Sysname> display ospf 1 area 0 spf-tree

 

          OSPF Process 1 with Router ID 100.0.0.4

 

        Flags: S-Node is on SPF tree       R-Node is directly reachable

               I-Node or Link is init      D-Node or Link is to be deleted

               P-Neighbor is parent        A-Node is in candidate list

               C-Neighbor is child         T-Node is tunnel destination

               H-Nexthop changed           N-Link is a new path

               V-Link is involved          G-Link is in change list

 

                Topology base (MTID 0)

 

                  Area: 0.0.0.0  Shortest Path Tree

 

 SpfNode         Type    Flag      SpfLink         Type   Cost  Flag

>192.168.119.130 Network S R

                                -->114.114.114.111 NET2RT 0     C

                                -->100.0.0.4       NET2RT 0     P

>114.114.114.111 Router  S

                                -->192.168.119.130 RT2NET 65535 P

>100.0.0.4       Router  S

                                -->192.168.119.130 RT2NET 10    C

Table 24 Command output

Field

Description

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

SpfNode

SPF node, represented by a router ID when the node type is Router, or the IP address of the DR when the node type is Network.

Node flag:

·     I—The node is in initialization state.

·     A—The node is on the candidate list.

·     S—The node is on the SPF tree.

·     R—The node is directly connected to the root node.

·     D—The node is to be deleted.

·     T—The node is the tunnel destination. ‌

SpfLink

SPF link, representing the peer node.

Link type:

·     RT2RT—Router to router.

·     NET2RT—Network to router.

·     RT2NET—Router to network.

Link flag:

·     I—The link is in initialization state.

·     P—The peer is the parent node.

·     C—The peer is the child node.

·     D—The link is to be deleted.

·     H—The next hop is changed.

·     V—When the peer node is deleted or added, the peer node is not on the SPF tree or is deleted.

·     N—The link is newly added, and both end nodes are on the SPF tree.

·     G—The link is on the area change list.

 

# Display detailed SPF tree information for Area 0 in OSPF process 1.

<Sysname> display ospf 1 area 0 spf-tree verbose

 

          OSPF Process 1 with Router ID 100.0.0.4

 

        Flags: S-Node is on SPF tree       R-Node is directly reachable

               I-Node or Link is init      D-Node or Link is to be deleted

               P-Neighbor is parent        A-Node is in candidate list

               C-Neighbor is child         T-Node is tunnel destination

               H-Nexthop changed           N-Link is a new path

               V-Link is involved          G-Link is in change list

 

                Topology base (MTID 0)

 

                  Area: 0.0.0.0  Shortest Path Tree

 

>LsId(192.168.119.130)

 AdvId    : 100.0.0.4       NodeType     : Network

 Mask     : 255.255.255.0   SPFLinkCnt   : 2

 Distance : 10

 VlinkData: 0.0.0.0         ParentLinkCnt: 1           NodeFlag: S R

 NextHop  : 1

   192.168.119.130    Interface: Vlan100

 BkNextHop: 1

   0.0.0.0            Interface: Vlan100

 -->LinkId(114.114.114.111)

    AdvId   : 100.0.0.4       LinkType   : NET2RT

    LsId    : 192.168.119.130 LinkCost   : 0           NextHopCnt: 1

    LinkData: 0.0.0.0         LinkNewCost: 0           LinkFlag  : C

 -->LinkId(100.0.0.4)

    AdvId   : 100.0.0.4       LinkType   : NET2RT

    LsId    : 192.168.119.130 LinkCost   : 0           NextHopCnt: 1

    LinkData: 0.0.0.0         LinkNewCost: 0           LinkFlag  : P

Table 25 Command output

Field

Description

Topology

Topology name. The topology name for base topology is base.

MTID

Topology ID. The value of 0 indicates the base topology.

LsId

Link state ID.

AdvId

ID of the advertising router.

NodeType

Node type:

·     Network—Network node.

·     Router—Router node.

Mask

Network mask. Its value is 0 for a router node.

SPFLinkCnt

Number of SPF links.

Distance

Cost to the root node.

VlinkData

Destination address of virtual link packets.

ParentLinkCnt

Number of parent links.

NodeFlag

Node flag:

·     I—The node is in initialization state.

·     A—The node is on the candidate list.

·     S—The node is on the SPF tree.

·     R—The node is directly connected to the root node.

·     D—The node is to be deleted.

·     T—The node is the tunnel destination. ‌

NextHop

Next hop.

Interface

Output interface.

BkNextHop

Backup next hop.

LinkId

Link ID.

LinkType

Link type:

·     RT2RT—Router to router.

·     NET2RT—Network to router.

·     RT2NET—Router to network.

LinkCost

Link cost.

NextHopCnt

Number of next hops.

LinkData

Link data.

LinkNewCost

New link cost.

LinkFlag

Link flag:

·     I—The link is in initialization state.

·     P—The peer is the parent node.

·     C—The peer is the child node.

·     D—The link is to be deleted.

·     H—The next hop is changed.

·     V—When the peer node is deleted or added, the peer node is not on the SPF tree or is deleted.

·     N—The link is newly added, and both end nodes are on the SPF tree.

·     G—The link is on the area change list.

 

display ospf statistics

Use display ospf statistics to display OSPF statistics.

Syntax

display ospf [ process-id ] statistics [ error | packet [ interface-type interface-number ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays OSPF statistics for all OSPF processes.

error: Displays error statistics. If you do not specify this keyword, the command displays OSPF packet, LSA, and route statistics.

packet: Displays OSPF packet statistics.

interface-type interface-number: Specifies an interface by its type and number. If you do not specify this argument, the command displays statistics for all interfaces.

Examples

# Display OSPF statistics.

<Sysname> display ospf statistics

 

          OSPF Process 1 with Router ID 2.2.2.2

                  Statistics

 

 I/O statistics

  Type                      Input     Output

  Hello                     61        122

  DB Description            2          3

  Link-State Req            1          1

  Link-State Update         3          3

  Link-State Ack            3          2

 

 LSAs originated by this router

  Router  : 4

  Network : 0

  Sum-Net : 0

  Sum-Asbr: 0

  External: 0

  NSSA    : 0

  Opq-Link: 0

  Opq-Area: 0

  Opq-As  : 0

 

 LSAs originated: 4  LSAs received: 7

 

 Routing table:

   Intra area: 2  Inter area: 3  ASE/NSSA: 0

Table 26 Command output

Field

Description

I/O statistics

Statistics about input/output packets and LSAs.

Type

OSPF packet type.

Input

Packets received.

Output

Packets sent.

Hello

Hell packet.

DB Description

Database Description packet.

Link-State Req

Link-State Request packet.

Link-State Update

Link-State Update packet.

Link-State Ack

Link-State Acknowledge packet.

LSAs originated by this router

LSAs originated by this router.

Router

Number of Type-1 LSAs originated.

Network

Number of Type-2 LSAs originated.

Sum-Net

Number of Type-3 LSAs originated.

Sum-Asbr

Number of Type-4 LSAs originated.

External

Number of Type-5 LSAs originated.

NSSA

Number of Type-7 LSAs originated.

Opq-Link

Number of Type-9 LSAs originated.

Opq-Area

Number of Type-10 LSAs originated.

Opq-As

Number of Type-11 LSAs originated.

LSA originated

Number of LSAs originated.

LSA received

Number of LSAs received.

Routing table

Routing table information.

Intra area

Number of intra-area routes.

Inter area

Number of inter-area routes.

ASE/NSSA

Number of ASE/NSSA routes.

 

# Display OSPF error statistics.

<Sysname> display ospf statistics error

 

          OSPF Process 1 with Router ID 192.168.1.112

                  OSPF Packet Error Statistics

 

 0         : Router ID confusion         0         : Bad packet

 0         : Bad version                 0         : Bad checksum

 0         : Bad area ID                 0         : Drop on unnumbered link

 0         : Bad virtual link            0         : Bad authentication type

 0         : Bad authentication key      0         : Packet too small

 0         : Neighbor state low          0         : Transmit error

 0         : Interface down              0         : Unknown neighbor

 0         : HELLO: Netmask mismatch     0         : HELLO: Hello-time mismatch

 0         : HELLO: Dead-time mismatch   0         : HELLO: Ebit option mismatch

 0         : HELLO: Mbit option mismatch 0         : DD: MTU option mismatch

 0         : DD: Unknown LSA type        0         : DD: Ebit option mismatch

 0         : ACK: Bad ack                0         : ACK: Unknown LSA type

 0         : REQ: Empty request          0         : REQ: Bad request

 0         : UPD: LSA checksum bad       0         : UPD: Unknown LSA type

 0         : UPD: Less recent LSA

Table 27 Command output

Field

Description

Router ID confusion

Packets with duplicate router ID.

Bad packet

Packets illegal.

Bad version

Packets with wrong version.

Bad checksum

Packets with wrong checksum.

Bad area ID

Packets with invalid area ID.

Drop on unnumbered link

Packets dropped on the unnumbered interface.

Bad virtual link

Packets on wrong virtual links.

Bad authentication type

Packets with invalid authentication type.

Bad authentication key

Packets with invalid authentication key.

Packet too small

Packets too small in length.

Neighbor state low

Packets received in low neighbor state.

Transmit error

Packets with error when being transmitted.

Interface down

Shutdown times of the interface.

Unknown neighbor

Packets received from unknown neighbors.

HELLO: Netmask mismatch

Hello packets with mismatched mask.

HELLO: Hello-time mismatch

Hello packets with mismatched hello timer.

HELLO: Dead-time mismatch

Hello packets with mismatched dead timer.

HELLO: Ebit option mismatch

Hello packets with mismatched E-bit in the option field.

HELLO: Mbit option mismatch

Hello packets with mismatched M-bit in the option field.

DD: MTU option mismatch

DD packets with mismatched MTU.

DD: Unknown LSA type

DD packets with unknown LSA type.

DD: Ebit option mismatch

DD packets with mismatched E-bit in the option field.

ACK: Bad ack

Bad LSAck packets for LSU packets.

ACK: Unknown LSA type

LSAck packets with unknown LSA type.

REQ: Empty request

LSR packets with no request information.

REQ: Bad request

Bad LSR packets.

UPD: LSA checksum bad

LSU packets with wrong LSA checksum.

UPD: Unknown LSA type

LSU packets with unknown LSA type.

UPD: Less recent LSA

LSU packets without the most recent LSA.

 

# Display OSPF packet statistics for all processes and interfaces.

<Sysname> display ospf statistics packet

 

          OSPF Process 100 with Router ID 192.168.1.59

                  Packet Statistics

 

 Waiting to send packet count: 0

         Hello      DD         LSR        LSU        ACK        Total

 Input : 489        6          2          44         40         581

 Output: 492        8          2          45         40         587

 

 Area: 0.0.0.1

 Interface: 20.1.1.1 (Vlan-interface100)

         DD         LSR        LSU        ACK        Total

 Input : 0          0          0          0          0

 Output: 0          0          0          0          0

 

 Interface: 100.1.1.1 (Vlan-interface100)

         DD         LSR        LSU        ACK        Total

 Input : 3          1          22         16         42

 Output: 2          1          19         20         42

Table 28 Command output

Field

Description

Waiting to send packet count

Number of packets waiting to be sent.

Total

Total number of packets.

Input

Number of received packets.

Output

Number of sent packets.

Area

Area ID.

Interface

Interface address and interface name.

 

Related commands

reset ospf statistics

display ospf vlink

Use display ospf vlink to display OSPF virtual link information.

Syntax

display ospf [ process-id ] vlink

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command displays the OSPF virtual link information for all OSPF processes.

Examples

# Display OSPF virtual link information.

<Sysname> display ospf vlink

 

 

          OSPF Process 1 with Router ID 3.3.3.3

                  Virtual Links

 

 Virtual-link Neighbor-ID  -> 2.2.2.2, Neighbor-State: Full

 Interface: 10.1.2.1 (Vlan-interface100)

 Cost: 1562  State: P-2-P  Type: Virtual

 Transit Area: 0.0.0.1

 Timers: Hello 10 , Dead 40 , Retransmit 5 , Transmit Delay 1

 MD5 authentication enabled.

    The last key is 3.

    The rollover is in progress, 2 neighbor(s) left.

Table 29 Command output

Field

Description

Virtual-link Neighbor-ID

ID of the neighbor on the virtual link.

Neighbor-State

Neighbor state: Down, Init, 2-Way, ExStart, Exchange, Loading, Full.

Interface

IP address and name of the local interface on the virtual link.

Cost

Interface route cost.

State

Interface state.

Type

Virtual link.

Transit Area

Transit area ID.

Timers

Values of timers (in seconds): Hello, Dead, and Retransmit.

Transmit Delay

LSA transmission delay on the interface, in seconds.

Simple authentication enabled

Simple authentication is enabled.

Keychain authentication enabled, name is xx

Keychain authentication is enabled. The name of the keychain is xx.

MD5 authentication enabled

MD5/HMAC-MD5 authentication is enabled.

The last key is xx

The most recent MD5 authentication key ID is xx.

The rollover is in progress, xx neighbor(s) left

Key rollover for MD5/HMAC-MD5 authentication is in progress. The number of neighbors that have not completed rollover is xx.

 

display router id

Use display router id to display the global router ID.

Syntax

display router id

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display the global router ID.

<Sysname> display router id

         Configured router ID is 1.1.1.1

distribute bgp-ls

Use distribute bgp-ls to enable the device to advertise OSPF link state information to BGP.

Use undo distribute bgp-ls to restore the default.

Syntax

distribute bgp-ls [ strict-link-checking ]

undo distribute bgp-ls

Default

The device does not advertise OSPF link state information to BGP.

Views

OSPF view

Predefined user roles

network-admin

Parameters

strict-link-checking: Enables strict checking on link state information advertised to BGP. If you specify this keyword, the local and remote ends of a link must be in the same subnet so that the link state information can be advertised to BGP. If you do not specify this keyword, the link state information is advertised to BGP even if the local and remote ends of the link are in different subnets. This keyword applies only to P2P links.

Usage guidelines

After the device advertises OSPF link state information to BGP, BGP can advertise the information for intended applications.

As a best practice, enable strict link state information checking when the following conditions exist:

·     The link state information advertised to BGP contains multiple equal-cost links.

·     The local and remote ends of each equal-cost link are in the same subnet.

This prevents the device from advertising error link state information to BGP when the equal-cost links flap.

Strict link state information checking and prefix suppression are mutually exclusive. Before you enable strict link state information checking, make sure prefix suppression is disabled.

Examples

# Enable the device to advertise link state information for OSPF process 1 to BGP.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] distribute bgp-ls

dscp

Use dscp to set the DSCP value for outgoing OSPF packets.

Use undo dscp to restore the default.

Syntax

dscp dscp-value

undo dscp

Default

The DSCP value for outgoing OSPF packets is 48.

Views

OSPF view

Predefined user roles

network-admin

Parameters

dscp-value: Specifies the DSCP value in the range of 0 to 63 for outgoing OSPF packets.

Examples

# Set the DSCP value for outgoing OSPF packets to 63 in OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] dscp 63

enable link-local-signaling

Use enable link-local-signaling to enable the OSPF link-local signaling (LLS) capability.

Use undo enable link-local-signaling to disable the OSPF LLS capability.

Syntax

enable link-local-signaling

undo enable link-local-signaling

Default

OSPF link-local signaling capability is disabled.

Views

OSPF view

Predefined user roles

network-admin

Examples

# Enable link-local signaling for OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] enable link-local-signaling

enable out-of-band-resynchronization

Use enable out-of-band-resynchronization to enable the OSPF out-of-band resynchronization (OOB-Resynch) capability.

Use undo enable out-of-band-resynchronization to disable the OSPF out-of-band resynchronization capability.

Syntax

enable out-of-band-resynchronization

undo enable out-of-band-resynchronization

Default

The OSPF out-of-band resynchronization capability is disabled.

Views

OSPF view

Predefined user roles

network-admin

Usage guidelines

Before you configure this command, enable the link-local signaling capability.

Examples

# Enable the out-of-band resynchronization capability for OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] enable link-local-signaling

[Sysname-ospf-1] enable out-of-band-resynchronization

Related commands

enable link-local-signaling

event-log

Use event-log to set the number of OSPF logs.

Use undo event-log to remove the configuration.

Syntax

event-log { lsa-flush | peer | spf } size count

undo event-log { lsa-flush | peer | spf } size

Default

The device can generate a maximum of 10 logs for each type, including route calculation logs, LSA aging logs, and neighbor logs.

Views

OSPF view

Predefined user roles

network-admin

Parameters

lsa-flush: Specifies the number of LSA aging logs.

peer: Specifies the number of neighbor logs.

spf: Specifies the number of route calculation logs.

size count: Specifies the number of OSPF logs, in the range of 0 to 65535.

Examples

# Set the number of route calculation logs to 50 in OSPF process 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] event-log spf size 50

fast-reroute (OSPF view)

Use fast-reroute to configure OSPF FRR.

Use undo fast-reroute to restore the default.

Syntax

fast-reroute { lfa [ abr-only ] | route-policy route-policy-name }

undo fast-reroute

Default

OSPF FRR is disabled.

Views

OSPF view

Predefined user roles

network-admin

Parameters

lfa: Uses the LFA algorithm to calculate a backup next hop for all routes.

abr-only: Uses the next hop of the route to the ABR as the backup next hop.

route-policy route-policy-name: Uses a routing policy to designate a backup next hop. The route-policy-name argument is a case-sensitive string of 1 to 63 characters.

Usage guidelines

When both OSPF FRR and PIC are configured, OSPF FRR takes effect.

Do not use the fast-reroute lfa command together with the vlink-peer command.

Examples

# Enable FRR to calculate a backup next hop for all routes by using LFA algorithm in OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] fast-reroute lfa

filter (OSPF area view)

Use filter to configure OSPF to filter inbound/outbound Type-3 LSAs on an ABR.

Use undo filter to disable Type-3 LSA filtering.

Syntax

filter { ipv4-acl-number | prefix-list prefix-list-name | route-policy route-policy-name } { export | import }

undo filter { export | import }

Default

Type-3 LSAs are not filtered.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

ipv4-acl-number: Specifies an IPv4 ACL by its number in the range of 2000 to 3999 to filter inbound/outbound Type-3 LSAs.

prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters, to filter inbound/outbound Type-3 LSAs.

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters, to filter inbound/outbound Type-3 LSAs.

export: Filters Type-3 LSAs advertised to other areas.

import: Filters Type-3 LSAs advertised into the local area.

Usage guidelines

This command applies only to an ABR.

Examples

# Use IP prefix list my-prefix-list to filter inbound Type-3 LSAs. Use basic ACL 2000 to filter outbound Type-3 LSAs in OSPF Area 1.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 1

[Sysname-ospf-100-area-0.0.0.1] filter prefix-list my-prefix-list import

[Sysname-ospf-100-area-0.0.0.1] filter 2000 export

filter-policy export (OSPF view)

Use filter-policy export to configure OSPF to filter redistributed routes.

Use undo filter-policy export to remove the configuration.

Syntax

filter-policy { ipv4-acl-number | prefix-list prefix-list-name } export [ protocol [ process-id ] ]

undo filter-policy export [ protocol [ process-id ] ]

Default

OSPF does not filter redistributed routes.

Views

OSPF view

Predefined user roles

network-admin

Parameters

ipv4-acl-number: Specifies an IPv4 ACL by its number in the range of 2000 to 3999 to filter redistributed routes by destination address.

prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters, to filter redistributed routes by destination address.

protocol: Filters routes redistributed from the specified routing protocol. If you do not specify this argument, the command filters all redistributed routes.

process-id: Specifies a process by its ID in the range of 1 to 65535. This argument is available only when the protocol argument is rip, ospf, or isis.

Usage guidelines

To use an advanced ACL (with a number from 3000 to 3999) in the command, configure the ACL using one of the following methods:

·     To deny/permit a route with the specified destination, use the rule [ rule-id ] { deny | permit } ip source sour-addr sour-wildcard command.

·     To deny/permit a route with the specified destination and mask, use the rule [ rule-id ] { deny | permit } ip source sour-addr sour-wildcard destination dest-addr dest-wildcard command.

The source keyword specifies the destination address of a route and the destination keyword specifies the subnet mask of the destination address. For the mask configuration to take effect, specify a contiguous subnet mask.

Examples

# Configure OSPF process 100 to filter redistributed routes by using basic ACL 2000.

<Sysname> system-view

[Sysname] acl basic 2000

[Sysname-acl-ipv4-basic-2000] rule deny source 192.168.10.0 0.0.0.255

[Sysname-acl-ipv4-basic-2000] quit

[Sysname] ospf 100

[Sysname-ospf-100] filter-policy 2000 export

# Configure advanced ACL 3000 to permit only route 113.0.0.0/16. Configure OSPF process 100 to filter redistributed routes by using advanced ACL 3000.

<Sysname> system-view

[Sysname] acl advanced 3000

[Sysname-acl-ipv4-adv-3000] rule 10 permit ip source 113.0.0.0 0 destination 255.255.0.0 0

[Sysname-acl-ipv4-adv-3000] rule 100 deny ip

[Sysname-acl-ipv4-adv-3000] quit

[Sysname] ospf 100

[Sysname-ospf-100] filter-policy 3000 export

Related commands

import-route

filter-policy import (OSPF view)

Use filter-policy import to configure OSPF to filter routes calculated using received LSAs.

Use undo filter-policy import to restore the default.

Syntax

filter-policy { ipv4-acl-number [ gateway prefix-list-name ] | gateway prefix-list-name | prefix-list prefix-list-name [ gateway prefix-list-name ] | route-policy route-policy-name } import

undo filter-policy import

Default

OSPF does not filter routes calculated using received LSAs.

Views

OSPF view

Predefined user roles

network-admin

Parameters

ipv4-acl-number: Specifies an IPv4 ACL by its number in the range of 2000 to 3999 to filter received routes by destination.

gateway prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters, to filter received routes by next hop.

prefix-list prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters, to filter received routes by destination.

route-policy route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters, to filter received routes.

Usage guidelines

To use an advanced ACL (with a number from 3000 to 3999) in the command or in the specified routing policy, configure the ACL in one of the following ways:

·     To deny/permit a route with the specified destination, use the rule [ rule-id ] { deny | permit } ip source sour-addr sour-wildcard command.

·     To deny/permit a route with the specified destination and mask, use the rule [ rule-id ] { deny | permit } ip source sour-addr sour-wildcard destination dest-addr dest-wildcard command.

The source keyword specifies the destination address of a route and the destination keyword specifies the subnet mask of the destination address. For the mask configuration to take effect, specify a contiguous subnet mask.

Examples

# Use basic ACL 2000 to filter received routes.

<Sysname> system-view

[Sysname] acl basic 2000

[Sysname-acl-ipv4-basic-2000] rule deny source 192.168.10.0 0.0.0.255

[Sysname-acl-ipv4-basic-2000] quit

[Sysname] ospf 100

[Sysname-ospf-100] filter-policy 2000 import

# Configure advanced ACL 3000 to permit only route 113.0.0.0/16. Use ACL 3000 to filter received routes.

<Sysname> system-view

[Sysname] acl advanced 3000

[Sysname-acl-ipv4-adv-3000] rule 10 permit ip source 113.0.0.0 0 destination 255.255.0.0 0

[Sysname-acl-ipv4-adv-3000] rule 100 deny ip

[Sysname-acl-ipv4-adv-3000] quit

[Sysname] ospf 100

[Sysname-ospf-100] filter-policy 3000 import

graceful-restart (OSPF view)

Use graceful-restart to enable OSPF GR.

Use undo graceful-restart to disable OSPF GR.

Syntax

graceful-restart [ ietf | nonstandard ] [ global | planned-only ] *

undo graceful-restart

Default

OSPF GR is disabled.

Views

OSPF view

Predefined user roles

network-admin

Parameters

ietf: Enables IETF GR.

nonstandard: Enables non-IETF GR.

global: Enables global GR. In global GR mode, a GR process can be completed only when all GR helpers exist. A GR process fails if a GR helper fails (for example, the interface connected to the GR helper goes down). If you do not specify this keyword, the command enables partial GR. In partial GR mode, a GR process can be completed if a GR helper exists.

planned-only: Enables only planned GR. If you do not specify this keyword, the command enables both planned GR and unplanned GR.

Usage guidelines

GR includes planned GR and unplanned GR.

·     Planned GR—Manually restarts OSPF by using the reset ospf process command or performs an active/standby process switchover by using the placement reoptimize command. Before OSPF restart or active/standby switchover, the GR restarter sends Grace-LSAs to GR helpers.

·     Unplanned GR—OSPF restarts or an active/standby switchover occurs because of device failure. Before OSPF restart or active/standby switchover, the GR restarter does not send Grace-LSAs to GR helpers.

Before enabling IETF GR for OSPF, enable Opaque LSA advertisement and reception with the opaque-capability enable command.

Before enabling non-IETF GR for OSPF, enable OSPF LLS with the enable link-local-signaling command and OOB-Resynch with the enable out-of-band-resynchronization command.

If you do not specify the nonstandard or ietf keyword, this command enables non-IETF GR for OSPF.

OSPF GR and OSPF NSR are mutually exclusive. Do not configure the graceful-restart command and the non-stop-routing command at the same time.

Examples

# Enable IETF GR for OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] opaque-capability enable

[Sysname-ospf-1] graceful-restart ietf

# Enable non-IETF GR for OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] enable link-local-signaling

[Sysname-ospf-1] enable out-of-band-resynchronization

[Sysname-ospf-1] graceful-restart nonstandard

Related commands

enable link-local-signaling

enable out-of-band-resynchronization

opaque-capability enable

graceful-restart helper enable

Use graceful-restart helper enable to enable OSPF GR helper capability.

Use undo graceful-restart helper enable to disable OSPF GR helper capability.

Syntax

graceful-restart helper enable [ planned-only ]

undo graceful-restart helper enable

Default

OSPF GR helper capability is enabled.

Views

OSPF view

Predefined user roles

network-admin

Parameters

planned-only: Enables only planned GR for the GR helper. If you do not specify this keyword, the command enables both planned GR and unplanned GR for the GR helper.

Usage guidelines

The planned-only keyword is available only for the IETF GR helper.

Examples

# Enable GR helper capability for OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] graceful-restart helper enable

graceful-restart helper strict-lsa-checking

Use graceful-restart helper strict-lsa-checking to enable strict LSA checking capability for GR helper.

Use undo graceful-restart helper strict-lsa-checking to disable strict LSA checking capability for GR helper.

Syntax

graceful-restart helper strict-lsa-checking

undo graceful-restart helper strict-lsa-checking

Default

Strict LSA checking capability for GR helper is disabled.

Views

OSPF view

Predefined user roles

network-admin

Usage guidelines

When an LSA change on the GR helper is detected, the GR helper device exits the GR helper mode.

Examples

# Enable strict LSA checking capability for GR helper in OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] graceful-restart helper strict-lsa-checking

graceful-restart interval (OSPF view)

Use graceful-restart interval to set the GR interval.

Use undo graceful-restart interval to restore the default.

Syntax

graceful-restart interval interval

undo graceful-restart interval

Default

The GR interval is 120 seconds.

Views

OSPF view

Predefined user roles

network-admin

Parameters

interval: Specifies the GR interval in the range of 40 to 1800 seconds.

Usage guidelines

For GR restart to succeed, the value of the GR restart interval cannot be smaller than the maximum OSPF neighbor dead time of all the OSPF interfaces.

Examples

# Set the GR interval for OSPF process 1 to 100 seconds.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] graceful-restart interval 100

Related commands

ospf timer dead

host-advertise

Use host-advertise to advertise a host route.

Use undo host-advertise to remove a host route.

Syntax

host-advertise ip-address cost-value

undo host-advertise ip-address

Default

No host route is advertised.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the IP address of a host.

cost-value: Specifies a cost for the route, in the range of 1 to 65535.

Examples

# Advertise host route 1.1.1.1 with a cost of 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 0

[Sysname-ospf-100-area-0.0.0.0] host-advertise 1.1.1.1 100

import-route (OSPF view)

Use import-route to redistribute AS-external routes from another routing protocol.

Use undo import-route to disable route redistribution from another routing protocol.

Syntax

import-route bgp [ as-number ] [allow-ibgp] [ [ cost cost-value | inherit-cost ] | nssa-only | route-policy route-policy-name | tag tag | type type ] *

import-route { direct | static } [ [ cost cost-value | inherit-cost ] | nssa-only | route-policy route-policy-name | tag tag | type type ] *

import-route { isis | ospf | rip } [ process-id | all-processes ] [ allow-direct | [ cost cost-value | inherit-cost ] | nssa-only | route-policy route-policy-name | tag tag | type type ] *

undo import-route { bgp | direct | { isis | ospf | rip } [ process-id | all-processes ] | static }

Default

OSPF does not redistribute AS-external routes from any other routing protocol.

Views

OSPF view

Predefined user roles

network-admin

Parameters

bgp: Redistributes BGP routes.

direct: Redistributes direct routes.

isis: Redistributes IS-IS routes.

ospf: Redistributes OSPF routes.

rip: Redistributes RIP routes.

static: Redistributes static routes.

as-number: Redistributes routes in an AS specified by its number in the range of 1 to 4294967295. This argument applies only to the BGP protocol. If you do not specify this argument, this command redistributes all IPv4 EBGP routes. As a best practice, specify an AS number to prevent the system from redistributing excessive IPv4 EBGP routes.

process-id: Specifies a process by its ID in the range of 1 to 65535. The default is 1.

all-processes: Redistributes routes from all the processes of the specified routing protocol.

allow-ibgp: Redistributes IBGP routes. The import-route bgp command redistributes only EBGP routes. Because the import-route bgp allow-ibgp command redistributes both EBGP and IBGP routes and might cause routing loops, use it with caution.

allow-direct: Redistributes the networks of the local interfaces enabled with the specified routing protocol. If you do not specify this keyword, the networks of the local interfaces are not redistributed. If you specify both the allow-direct keyword and the route-policy route-policy-name option, make sure the if-match rule defined in the routing policy does not conflict with the allow-direct keyword. For example, if you specify the allow-direct keyword, do not configure the if-match route-type rule for the routing policy. Otherwise, the allow-direct keyword does not take effect.

cost cost-value: Specifies a route cost in the range of 0 to 16777214.

inherit-cost: Specifies to use the original cost of redistributed routes.

nssa-only: Limits the route advertisement to the NSSA area by setting the P-bit of Type-7 LSAs to 0. If you do not specify this keyword, the P-bit of Type-7 LSAs is set to 1. If the router acts as both an ASBR and an ABR and FULL state neighbors exist in the backbone area, the P-bit is set to 0. This keyword applies to NSSA routers.

route-policy route-policy-name: Specifies a routing policy to filter redistributed routes. The route-policy-name argument is a case-sensitive string of 1 to 63 characters.

tag tag: Specifies a tag for external LSAs, in the range of 0 to 4294967295. The default is 1.

type type: Specifies a cost type, 1 or 2. The default is 2.

Usage guidelines

This command redistributes routes destined for other ASs from another protocol. AS external routes include the following types:

·     Type-1 external routes—Have high credibility. The cost of Type-1 external routes is comparable with the cost of OSPF internal routes. The cost of a Type-1 external route equals the cost from the router to the ASBR plus the cost from the ASBR to the external route's destination.

·     Type-2 external routes—Have low credibility. OSPF considers the cost from the ASBR to the destination of a Type-2 external route is much bigger than the cost from the ASBR to an OSPF internal router. The cost of a Type-2 external route equals the cost from the ASBR to the Type-2 external route's destination.

The import-route command redistributes only active routes. To display information about active routes, use the display ip routing-table protocol command. The import-route command cannot redistribute default external routes.

The import-route nssa-only command redistributes AS-external routes in Type-7 LSAs only into the NSSA area.

If you do not specify the cost or inherit-cost keyword, the cost of a redistributed route is 1.

The undo import-route { isis | ospf | rip } all-processes command removes only the configuration made by the import-route { isis | ospf | rip } all-processes command, instead of the configuration made by the import-route { isis | ospf | rip } process-id command.

Examples

# Redistribute routes from RIP process 40 and specify the type, tag, and cost as 2, 33, and 50 for redistributed routes.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] import-route rip 40 type 2 tag 33 cost 50

Related commands

default-route-advertise (OSPF view)

ispf enable (OSPF view)

Use ispf enable to enable OSPF incremental SPF (ISPF).

Use undo ispf enable to disable OSPF ISPF.

Syntax

ispf enable

undo ispf enable

Default

OSPF ISPF is enabled.

Views

OSPF view

Predefined user roles

network-admin

Usage guidelines

Upon topology changes, ISPF recomputes only the affected part of the SPT, instead of the entire SPT.

Examples

# Disable ISPF for OSPF process 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] undo ispf enable

log-peer-change

Use log-peer-change to enable logging for OSPF neighbor state changes.

Use undo log-peer-change to disable logging for OSPF neighbor state changes.

Syntax

log-peer-change

undo log-peer-change

Default

Logging for OSPF neighbor state changes is enabled.

Views

OSPF view

Predefined user roles

network-admin

Usage guidelines

This command enables output of OSPF neighbor state changes to the information center. The information center processes the logs according to user-defined output rules (whether and where to output logs). For more information about the information center, see Network Management and Monitoring Configuration Guide.

Examples

# Disable logging for neighbor state changes for OSPF process 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] undo log-peer-change

lsa-arrival-interval

Use lsa-arrival-interval to set the LSA arrival interval.

Use undo lsa-arrival-interval to restore the default.

Syntax

lsa-arrival-interval interval

undo lsa-arrival-interval

Default

The LSA arrival interval is 1000 milliseconds.

Views

OSPF view

Predefined user roles

network-admin

Parameters

interval: Specifies the LSA arrival interval in the range of 0 to 60000 milliseconds.

Usage guidelines

If an LSA that has the same LSA type, LS ID, and originating router ID as the previous LSA is received within the interval, OSPF discards the LSA. This feature helps avoid overuse of system resources due to frequent network changes.

As a best practice, set the interval with the lsa-arrival-interval command to be smaller than or equal to the minimum interval set with the lsa-generation-interval command.

Examples

# Set the LSA arrival interval to 200 milliseconds.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] lsa-arrival-interval 200

Related commands

lsa-generation-interval

lsa-generation-interval

Use lsa-generation-interval to set the OSPF LSA generation interval.

Use undo lsa-generation-interval to restore the default.

Syntax

lsa-generation-interval maximum-interval [ minimum-interval [ incremental-interval ] ]

undo lsa-generation-interval

Default

The maximum interval is 5 seconds, the minimum interval is 50 milliseconds, and the incremental interval is 200 milliseconds.

Views

OSPF view

Predefined user roles

network-admin

Parameters

maximum-interval: Specifies the maximum LSA generation interval in the range of 1 to 60 seconds.

minimum-interval: Specifies the minimum LSA generation interval in the range of 10 to 60000 milliseconds.

incremental-interval: Specifies the LSA generation incremental interval in the range of 10 to 60000 milliseconds.

Usage guidelines

When network changes are infrequent, LSAs are generated at the minimum interval. If network changes become frequent, the LSA generation interval is incremented by the incremental interval × 2n-2 for each generation until the maximum interval is reached. The value n is the number of generation times.

The minimum interval and the incremental interval cannot be greater than the maximum interval.

Examples

# Set the maximum LSA generation interval to 2 seconds, minimum interval to 100 milliseconds, and incremental interval to 100 milliseconds.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] lsa-generation-interval 2 100 100

Related commands

lsa-arrival-interval

lsdb-overflow-interval

Use lsdb-overflow-interval to set the interval that OSPF exits overflow state.

Use undo lsdb-overflow-interval to restore the default.

Syntax

lsdb-overflow-interval interval

undo lsdb-overflow-interval

Default

The OSPF exit overflow interval is 300 seconds.

Views

OSPF view

Predefined user roles

network-admin

Parameters

interval: Specifies the interval that OSPF exits overflow state, in the range of 0 to 2147483647 seconds.

Usage guidelines

When the number of LSAs in the LSDB exceeds the upper limit, the LSDB is in an overflow state. In this state, OSPF does not receive any external LSAs and deletes the external LSAs generated by itself to save system resources.

You can configure the interval that OSPF exits overflow state. An interval of 0 indicates that the timer is not started and OSPF does not exit overflow state.

Examples

# Set the OSPF exit overflow interval to 10 seconds.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] lsdb-overflow-interval 10

lsdb-overflow-limit

Use lsdb-overflow-limit to set the upper limit of external LSAs in the LSDB.

Use undo lsdb-overflow-limit to restore the default.

Syntax

lsdb-overflow-limit number

undo lsdb-overflow-limit

Default

The number of external LSAs is not limited.

Views

OSPF view

Predefined user roles

network-admin

Parameters

number: Specifies the upper limit of external LSAs in the LSDB, in the range of 1 to 1000000.

Examples

# Set the upper limit of external LSAs to 400000.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] lsdb-overflow-limit 400000

maximum load-balancing (OSPF view)

Use maximum load-balancing to set the maximum number of equal-cost multi-path (ECMP) routes for load balancing.

Use undo maximum load-balancing to restore the default.

Syntax

maximum load-balancing number

undo maximum load-balancing

Default

The maximum number of OSPF ECMP routes equals the maximum number of ECMP routes supported by the system.

Views

OSPF view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of ECMP routes. No ECMP load balancing is available when the number is set to 1.

Usage guidelines

The value range for the number argument of the maximum load-balancing command depends on the maximum number of ECMP routes supported by the system. You can use the max-ecmp-num command to set the maximum number of ECMP routes supported by the system to m. After a reboot, the value range for the number argument is 1 to m.

Examples

# Set the maximum number of ECMP routes to 2.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] maximum load-balancing 2

Related commands

max-ecmp-num

network (OSPF area view)

Use network to enable OSPF on the interface attached to the specified network in the area.

Use undo network to disable OSPF for the interface attached to the specified network in the area.

Syntax

network ip-address wildcard-mask

undo network ip-address wildcard-mask

Default

OSPF is not enabled for any interface.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the IP address of a network.

wildcard-mask: Specifies the wildcard mask of the IP address. For example, the wildcard mask of mask 255.0.0.0 is 0.255.255.255.

Usage guidelines

This command enables OSPF on the interface attached to the specified network. The interface's primary IP address must be in the specified network. If only the interface's secondary IP address is in the network, the interface cannot run OSPF.

Examples

# Specify the interface whose primary IP address is on network 131.108.20.0/24 to run OSPF in Area 2.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 2

[Sysname-ospf-100-area-0.0.0.2] network 131.108.20.0 0.0.0.255

Related commands

ospf

non-stop-routing

Use non-stop-routing to enable OSPF NSR.

Use undo non-stop-routing to disable OSPF NSR.

Syntax

non-stop-routing

undo non-stop-routing

Default

OSPF NSR is disabled.

Views

OSPF view

Predefined user roles

network-admin

Usage guidelines

This command takes effect only for the current process. As a best practice, enable OSPF NSR for each process if multiple OSPF processes exist.

OSPF NSR and OSPF GR are mutually exclusive. Do not configure the non-stop-routing command and the graceful-restart command at the same time.

Examples

# Enable NSR for OSPF process 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] non-stop-routing

nssa (OSPF area view)

Use nssa to configure an area as an NSSA area.

Use undo nssa to restore the default.

Syntax

nssa [ default-route-advertise [ cost cost-value | nssa-only | route-policy route-policy-name | type type ] * | no-import-route | no-summary | suppress-fa | [ [ [ translate-always ] [ translate-ignore-checking-backbone ] ] | translate-never ] | translator-stability-interval value ] *

undo nssa [ default-route-advertise [ cost | nssa-only | route-policy | type ] * | no-import-route | no-summary | suppress-fa | [ translate-always | translate-never ] | translator-stability-interval ] *

Default

No area is configured as an NSSA area.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

default-route-advertise: Used on an NSSA ABR or an ASBR only. With this keyword, an NSSA ABR redistributes a default route in a Type-7 LSA into the NSSA area. The ABR redistributes a default route regardless of whether a default route exists in the routing table. With this keyword, an ASBR redistributes a default route in a Type-7 LSA only when the default route exists in the routing table.

cost cost-value: Specifies a cost for the default route, in the range of 0 to 16777214. If you do not specify this option, the default cost specified by the default-cost command applies.

nssa-only: Limits the default route advertisement to the NSSA area by setting the P-bit of Type-7 LSAs to 0. By default, the P-bit of Type-7 LSAs is set to 1. If the router acts as both an ASBR and an ABR and FULL state neighbors exist in the backbone area, the P-bit is set to 0.

route-policy route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters. When a default route exists in the routing table and the routing policy is matched, the command redistributes a default route in a Type-7 LSA into the OSPF routing domain. The routing policy modifies values in the Type-7 LSA.

type type: Specifies a type for the Type-7 LSA, 1 or 2. If you do not specify this option, the default type specified by the default type command applies.

no-import-route: Used on an NSSA ABR to control the import-route command to not redistribute routes into the NSSA area.

no-summary: Used only on an ABR to advertise a default route in a Type-3 summary LSA into the NSSA area and to not advertise other summary LSAs into the area. The area is a totally NSSA area.

suppress-fa: Suppresses the forwarding address in the Type-7 LSAs from being placed in the Type-5 LSAs.

translate-always: Always translates Type-7 LSAs to Type-5 LSAs. This keyword takes effect only on an NSSA ABR.

translate-ignore-checking-backbone: Ignores checking for FULL state neighbors in the backbone area during the translator election in the NSSA area.

translate-never: Never translates Type-7 LSAs to Type-5 LSAs. This keyword takes effect only on an NSSA ABR.

translator-stability-interval value: Specifies the stability interval of the translator. During the interval, the translator can maintain its translating capability after another device becomes the new translator. The value argument is the stability interval in the range of 0 to 900 seconds and defaults to 0. A value of 0 means the translator does not maintain its translating capability when a new translator arises.

Usage guidelines

All routers attached to an NSSA area must be configured with the nssa command in area view.

If you specify the translate-ignore-checking-backbone keyword for an ABR, you must also specify the keyword for other ABRs in the NSSA area. This ensures that a translator can be elected among the ABRs.

Examples

# Configure Area 1 as an NSSA area.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 1

[Sysname-ospf-100-area-0.0.0.1] nssa

Related commands

default-cost (OSPF area view)

opaque-capability enable

Use opaque-capability enable to enable opaque LSA advertisement and reception.

Use undo opaque-capability to disable opaque LSA advertisement and reception.

Syntax

opaque-capability enable

undo opaque-capability

Default

The feature is enabled.

Views

OSPF view

Predefined user roles

network-admin

Usage guidelines

After the opaque LSA advertisement and reception capability is enabled, OSPF can receive and advertise Type-9, Type-10, and Type-11 opaque LSAs.

Examples

# Disable opaque LSA advertisement and reception.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] undo opaque-capability

ospf

Use ospf to enable OSPF and enter OSPF view.

Use undo ospf to disable OSPF.

Syntax

ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *

undo ospf [ process-id ]

Default

OSPF is disabled.

Views

System view

Predefined user roles

network-admin

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535.

router-id router-id: Specifies an OSPF router ID in dotted decimal notation.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the OSPF process runs on the public network.

Usage guidelines

You can enable multiple OSPF processes on a router and specify different router IDs for them.

Enable an OSPF process before performing other tasks.

For correct OSPF neighbor relationship establishment, do not bind an OSPF-enabled VLAN interface to an OpenFlow instance.

Examples

# Enable OSPF process 100 and specify router ID 10.10.10.1.

<Sysname> system-view

[Sysname] ospf 100 router-id 10.10.10.1

[Sysname-ospf-100]

ospf area

Use ospf area to enable OSPF on an interface.

Use undo ospf area to disable OSPF on an interface.

Syntax

ospf process-id area area-id [ exclude-subip ]

undo ospf process-id area [ exclude-subip ]

Default

OSPF is not enabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535.

area-id: Specifies an area by its ID, an IP address or a decimal integer in the range of 0 to 4294967295 that is translated into the IP address format.

exclude-subip: Excludes secondary IP addresses. If you do not specify this keyword, the command enables OSPF also on secondary IP addresses.

Usage guidelines

The ospf area command has a higher priority than the network command.

If the specified process and area do not exist, the command creates the process and area. Disabling an OSPF process on an interface does not delete the OSPF process or the area.

Examples

# Enable OSPF process 1 on VLAN-interface 10 that is in Area 2 and exclude secondary IP addresses.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf 1 area 2 exclude-subip

Related commands

network

ospf authentication-mode

Use ospf authentication-mode to set the authentication mode and key on an interface.

Use undo ospf authentication-mode to remove specified configuration.

Syntax

For MD5/HMAC-MD5 authentication:

ospf authentication-mode { hmac-md5 | md5 } key-id { cipher | plain } string

undo ospf authentication-mode { hmac-md5 | md5 } key-id

For simple authentication:

ospf authentication-mode simple { cipher | plain } string

undo ospf authentication-mode simple

For keychain authentication:

ospf authentication-mode keychain keychain-name

undo ospf authentication-mode keychain

Default

No authentication is performed for an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

hmac-md5: Specifies HMAC-MD5 authentication.

md5: Specifies MD5 authentication.

simple: Specifies simple authentication.

key-id: Specifies a key by its ID in the range of 1 to 255.

cipher: Specifies a key in encrypted form.

plain: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key. This argument is case sensitive.

·     In simple authentication mode, the plaintext form of the key is a string of 1 to 8 characters. The encrypted form of the key is a string of 33 to 41 characters.

·     In MD5/HMAC-MD5 authentication mode, the plaintext form of the key is a string of 1 to 16 characters. The encrypted form of the key is a string of 33 to 53 characters.

keychain: Specifies keychain authentication.

keychain-name: Specifies a keychain by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

To establish or maintain adjacencies, interfaces attached to the same network segment must have the same authentication mode and key.

If MD5 or HMAC-MD5 authentication is configured, you can configure multiple keys, each having a unique key ID and key string. To minimize the risk of key compromise, use only one key for an interface and delete the old key after key replacement.

To replace the key used for MD5 or HMAC-MD5 authentication on an interface, you must configure the new key before removing the old key from each router. OSPF uses the key rollover mechanism to ensure that the routers can pass authentication before the replacement is complete on the interface. After you configure a new key on a router, the router sends copies of the same packet, each authenticated by a different key, including the new key and the keys in use. This practice continues until the router detects that all its neighbors have the new key.

When keychain authentication is configured for an OSPF interface, OSPF performs the following operations before sending a packet:

1.     Obtains a valid send key from the keychain.

OSPF does not send the packet if it fails to obtain a valid send key.

2.     Uses the key ID, authentication algorithm, and key string to authenticate the packet.

If the key ID is greater than 255, OSPF does not send the packet.

When keychain authentication is configured for an OSPF interface, OSPF performs the following operations after receiving a packet:

1.     Uses the key ID carried in the packet to obtain a valid accept key from the keychain.

OSPF discards the packet if it fails to obtain a valid accept key.

2.     Uses the authentication algorithm and key string for the valid accept key to authenticate the packet.

If the authentication fails, OSPF discards the packet.

The authentication algorithm can only beMD5 or HMAC-MD5 and the ID of keys used for authentication can only be in the range of 0 to 255.

Examples

# On VLAN-interface 10, enable MD5 authentication, and set the interface key ID to 15 and the key to 123456 in plaintext form.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf authentication-mode md5 15 plain 123456

# On VLAN-interface 10, enable simple authentication, and set the key to 123456 in plaintext form.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf authentication-mode simple plain 123456

Related commands

authentication-mode

ospf bfd enable

Use ospf bfd enable to enable BFD on an OSPF interface.

Use undo ospf bfd enable to disable BFD on an OSPF interface.

Syntax

ospf bfd enable [ echo ]

undo ospf bfd enable

Default

BFD for OSPF is disabled.

Views

Interface view

Predefined user roles

network-admin

Parameters

echo: Enables BFD single-hop echo detection. If you do not specify this keyword, the command enables BFD bidirectional control detection.

Examples

# Enable BFD for OSPF on VLAN-interface 11.

<Sysname> system-view

[Sysname] ospf

[Sysname-ospf-1] area 0

[Sysname-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.255.255

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] ospf bfd enable

ospf cost (interface view)

Use ospf cost to set an OSPF cost for an interface.

Use undo ospf cost to restore the default.

Syntax

ospf cost cost-value

undo ospf cost

Default

An interface computes its OSPF cost according to the interface bandwidth. For a loopback interface, the cost is 0.

Views

Interface view

Predefined user roles

network-admin

Parameters

cost-value: Specifies an OSPF cost in the range of 0 to 65535 for a loopback interface, and in the range of 1 to 65535 for other interfaces.

Usage guidelines

If you do not execute this command, the interface automatically computes its OSPF cost.

Examples

# Set the OSPF cost on VLAN-interface 10 to 65.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf cost 65

Related commands

bandwidth-reference

ospf database-filter

Use ospf database-filter to filter outbound LSAs on an interface.

Use undo ospf database-filter to restore the default.

Syntax

ospf database-filter { all | { ase [ acl ipv4-acl-number ] | nssa [ acl ipv4-acl-number ] | summary [ acl ipv4-acl-number ] } * }

undo ospf database-filter

Default

The outbound LSAs are not filtered on the interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

all: Filters all outbound LSAs except the Grace LSAs.

ase: Filters outbound Type-5 LSAs.

nssa: Filters outbound Type-7 LSAs.

summary: Filters outbound Type-3 LSAs.

acl ipv4-acl-number: Specifies an IPv4 ACL by its number in the range of 2000 to 3999.

Usage guidelines

To use an advanced ACL (with a number from 3000 to 3999) in the command, configure the ACL using one of the following methods:

·     To deny/permit LSAs with the specified link state ID, use the rule [ rule-id ] { deny | permit } ip source sour-addr sour-wildcard command.

·     To deny/permit LSAs with the specified link state ID and mask, use the rule [ rule-id ] { deny | permit } ip source sour-addr sour-wildcard destination dest-addr dest-wildcard command.

The source keyword specifies the link state ID of an LSA and the destination keyword specifies the subnet mask of the LSA. For the mask configuration to take effect, specify a contiguous subnet mask.

If the neighbor has already received an LSA to be filtered, the LSA still exists in the LSDB of the neighbor after you execute the command.

Examples

# Filter all outbound LSAs (except the Grace LSAs) on VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf database-filter all

# On VLAN-interface 20, configure ACL 2000, 2100, and 2200 to filter outbound Type-5, Type-7, and Type-3 LSAs, respectively.

<Sysname> system-view

[Sysname] interface vlan-interface 20

[Sysname- Vlan-interface20] ospf database-filter ase acl 2000 nssa acl 2100 summary acl 2200

Related commands

database-filter peer (OSPF view)

ospf dr-priority

Use ospf dr-priority to set the router priority for DR/BDR election on an interface.

Use undo ospf dr-priority to restore the default value.

Syntax

ospf dr-priority priority

undo ospf dr-priority

Default

The router priority is 1.

Views

Interface view

Predefined user roles

network-admin

Parameters

priority: Specifies the router priority for the interface, in the range of 0 to 255.

Usage guidelines

The greater the value, the higher the priority for DR/BDR election. If a device has a priority of 0, it will not be elected as a DR or BDR.

Examples

# Set the router priority on VLAN-interface 10 to 8.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf dr-priority 8

ospf fast-reroute lfa-backup

Use ospf fast-reroute lfa-backup to enable LFA on an interface.

Use undo ospf fast-reroute lfa-backup to disable LFA on an interface.

Syntax

ospf fast-reroute lfa-backup

undo ospf fast-reroute lfa-backup

Default

LFA is enabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

An interface enabled with LFA can be selected as a backup interface. After you disable LFA on the interface, it cannot be selected as a backup interface.

Examples

# Disable VLAN-interface 11 from calculating a backup next hop by using the LFA algorithm.

<Sysname> system-view

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] undo ospf fast-reroute lfa-backup

ospf lsu-flood-control

Use ospf lsu-flood-control to enable OSPF to limit the LSU transmit rate.

Use undo ospf lsu-flood-control to disable OSPF to limit LSU transmit rate.

Syntax

ospf lsu-flood-control [ interval count ]

undo ospf lsu-flood-control

Default

OSPF does not limit the LSU transmit rate.

Views

System view

Predefined user roles

network-admin

Parameters

interval: Specifies the LSU transmit interval in the range of 10 to 1000 milliseconds. The default value is 30.

count: Specifies the maximum number of LSUs that can be sent at each interval, in the range of 1 to 1000. The default value is 50.

Usage guidelines

During LSDB synchronization, if the local router has multiple neighbors, it must send many LSUs to each neighbor. When a neighbor receives excessive LSUs within a short time period, the following events might occur:

·     The performance of the neighbor is degraded because too many system resources are occupied for LSU packet processing.

·     The neighbor drops hello packets used for maintaining the neighbor relationship because it is busy dealing with the LSUs. As a result, the neighbor relationship is torn down. To reestablish a relationship to the neighbor, the local router must send more LSUs to the neighbor. This exacerbates the performance degradation.

To prevent this problem, execute this command to limit the global LSU transmit rate.

Inappropriate use of this command might cause abnormal routing. As a best practice, execute this command with the default values.

Examples

# Enable OSPF to limit the LSU transmit rate, and configure all OSPF interfaces to send 60 LSUs every 40 milliseconds.

<Sysname> system-view

[Sysname] ospf lsu-flood-control 40 60

ospf mib-binding

Use ospf mib-binding to bind an OSPF process to the public MIB.

Use undo ospf mib-binding to restore the default.

Syntax

ospf mib-binding process-id

undo ospf mib-binding

Default

The public MIB is bound to the OSPF process with the smallest process ID.

Views

System view

Predefined user roles

network-admin

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535.

Usage guidelines

To access information or data about an OSPF process in RFC4750-OSPF.MIB, use this command. To access information or data about an OSPF process in a private MIB for the device, you do not need to use this command. You can access information or data about all OSPF processes in the private MIBs.

If the specified process ID does not exist, a notification is displayed to report that the MIB binding configuration has failed.

Deleting an OSPF process that has been bound to the public MIB unbinds the OSPF process from the MIB, and re-binds the MIB to the OSPF process with the smallest process ID.

Examples

# Bind OSPF process 100 to the public MIB.

<Sysname> system-view

[Sysname] ospf mib-binding 100

ospf mtu-enable

Use ospf mtu-enable to enable an interface to add the interface MTU into DD packets.

Use undo ospf mtu-enable to restore the default.

Syntax

ospf mtu-enable

undo ospf mtu-enable

Default

The MTU in DD packets is 0.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

After a virtual link is established through a Tunnel, two devices on the link from different vendors might have different MTU values. To make them consistent, restore the interfaces' MTU to the default value 0.

After you configure this command, the interface checks whether the MTU in a received DD packet is greater than its own MTU. If yes, the interface discards the packet.

Examples

# Enable VLAN-interface 10 to add the interface MTU value into DD packets.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf mtu-enable

ospf network-type

Use ospf network-type to specify the network type for an interface.

Use undo ospf network-type to restore the default.

Syntax

ospf network-type { broadcast | nbma | p2mp [ unicast ] | p2p [ peer-address-check ] }

undo ospf network-type

Default

The network type of an interface is broadcast.

Views

Interface view

Predefined user roles

network-admin

Parameters

broadcast: Specifies the network type as broadcast.

nbma: Specifies the network type as NBMA.

p2mp: Specifies the network type as P2MP.

unicast: Specifies the P2MP interface to unicast OSPF packets. By default, a P2MP interface multicasts OSPF packets.

p2p: Specifies the network type as P2P.

peer-address-check: Checks whether the peer interface and the local interface are on the same network segment. Two P2P interfaces can establish a neighbor relationship only when they are on the same network segment.

Usage guidelines

If a router on a broadcast network does not support multicast, configure the network type for the connected interfaces as NBMA.

When the network type of an interface is NBMA or P2MP unicast, you must use the peer command to specify the neighbor.

If only two routers run OSPF on a network, you can configure the network type for the connected interfaces as P2P.

When the network type of an interface is P2MP unicast, all OSPF packets are unicast by the interface.

Examples

# Specify the OSPF network type for VLAN-interface 10 as NBMA.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf network-type nbma

Related commands

ospf dr-priority

ospf packet-size

Use ospf packet-size to set the maximum length of OSPF packets that can be sent by an interface.

Use undo ospf packet-size to restore the default.

Syntax

ospf packet-size value

undo ospf packet-size

Default

The maximum length of OSPF packets that an interface can send equals the interface's MTU.

Views

Interface view

Predefined user roles

network-admin

Parameters

value: Specifies the maximum length of OSPF packets that can be sent by an interface, in the range of 500 to 10000 bytes.

Usage guidelines

The interface chooses the smaller one between the value set in this command and the interface MTU, and uses it as the maximum length of OSPF packets that can be sent.

When you establish OSPF neighbors over a tunnel, you can use this command to prevent OSPF packet fragmentation on the outgoing tunnel interface. Make sure the maximum length of OSPF packets plus the encapsulated header length is no greater than the outgoing tunnel interface's MTU. For more information, see Layer 3—IP Services Configuration Guide.

Examples

# Set the maximum length of OSPF packets that can be sent by VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan 10

[Sysname-Vlan-interface10] ospf packet-size 1000

ospf prefix-suppression

Use ospf prefix-suppression to disable an OSPF interface from advertising all its IP prefixes, except for the prefixes of secondary IP addresses.

Use undo ospf prefix-suppression to restore the default.

Syntax

ospf prefix-suppression [ disable ]

undo ospf prefix-suppression

Default

Prefix suppression is disabled.

Views

Interface view

Predefined user roles

network-admin

Parameters

disable: Disables prefix suppression for an interface.

Usage guidelines

To disable prefix suppression for an interface associated with an OSPF process that has been enabled with prefix suppression, use the ospf prefix-suppression disable command on that interface.

Examples

# Enable prefix suppression for VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf prefix-suppression

Related commands

prefix-suppression

ospf primary-path-detect bfd

Use ospf primary-path-detect bfd to enable BFD for primary link failure detection for OSPF.

Use undo ospf primary-path-detect bfd to disable BFD for primary link failure detection for OSPF.

Syntax

ospf primary-path-detect bfd { ctrl | echo }

undo ospf primary-path-detect bfd

Default

BFD is disabled for primary link failure detection for OSPF.

Views

Interface view

Predefined user roles

network-admin

Parameters

ctrl: Enables BFD control packet mode.

echo: Enables BFD echo packet mode.

Usage guidelines

This command enables OSPF PIC or OSPF FRR to use BFD to detect primary link failures.

Examples

# On VLAN-interface 10, enable BFD control packet mode for OSPF FRR.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] fast-reroute lfa

[Sysname-ospf-1] quit

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf primary-path-detect bfd ctrl

# On VLAN-interface 11, enable BFD echo packet mode for OSPF PIC.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] pic additional-path-always

[Sysname-ospf-1] quit

[Sysname] bfd echo-source-ip 1.1.1.1

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] ospf primary-path-detect bfd echo

ospf timer dead

Use ospf timer dead to set the neighbor dead interval.

Use undo ospf timer dead to restore the default.

Syntax

ospf timer dead seconds

undo ospf timer dead

Default

The dead interval is 40 seconds for broadcast and P2P interfaces. The dead interval is 120 seconds for P2MP and NBMA interfaces.

Views

Interface view

Predefined user roles

network-admin

Parameters

seconds: Specifies the dead interval in the range of 1 to 2147483647 seconds.

Usage guidelines

If an interface receives no hello packet from a neighbor within the dead interval, the interface considers the neighbor down.

The dead interval on an interface is a minimum of four times the hello interval. Routers attached to the same segment must have the same dead interval.

Examples

# Set the dead interval for VLAN-interface 10 to 60 seconds.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf timer dead 60

Related commands

ospf timer hello

ospf timer hello

Use ospf timer hello to set the hello interval on an interface.

Use undo ospf timer hello to restore the default.

Syntax

ospf timer hello seconds

undo ospf timer hello

Default

The hello interval is 10 seconds for P2P and broadcast interfaces, and is 30 seconds for P2MP and NBMA interfaces.

Views

Interface view

Predefined user roles

network-admin

Parameters

seconds: Specifies the hello interval in the range of 1 to 65535 seconds.

Usage guidelines

The shorter the hello interval, the faster the topology converges, and the more resources are consumed. Make sure the hello interval on two neighboring interfaces is the same.

Examples

# Set the hello interval on VLAN-interface to 20 seconds.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf timer hello 20

Related commands

ospf timer dead

ospf timer poll

Use ospf timer poll to set the poll interval on an NBMA interface.

Use undo ospf timer poll to restore the default.

Syntax

ospf timer poll seconds

undo ospf timer poll

Default

The poll interval is 120 seconds on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

seconds: Specifies the poll interval in the range of 1 to 2147483647 seconds.

Usage guidelines

When an NBMA interface finds its neighbor is down, it sends hello packets at the poll interval.

The poll interval must be a minimum of four times the hello interval.

Examples

# Set the poll timer interval on VLAN-interface 10 to 130 seconds.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf timer poll 130

Related commands

ospf timer hello

ospf timer retransmit

Use ospf timer retransmit to set the LSA retransmission interval on an interface.

Use undo ospf timer retransmit to restore the default.

Syntax

ospf timer retransmit seconds

undo ospf timer retransmit

Default

The LSA retransmission interval is 5 seconds on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

seconds: Specifies the LSA retransmission interval in the range of 1 to 3600 seconds.

Usage guidelines

After sending an LSA, an interface waits for an acknowledgment packet. If the interface receives no acknowledgment within the retransmission interval, it retransmits the LSA.

To avoid unnecessary retransmissions, set an appropriate retransmission interval. For example, you can set a large retransmission interval value on a low-speed link.

Examples

# Set the LSA retransmission interval to 8 seconds on VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf timer retransmit 8

ospf trans-delay

Use ospf trans-delay to set the LSA transmission delay on an interface.

Use undo ospf trans-delay to restore the default.

Syntax

ospf trans-delay seconds

undo ospf trans-delay

Default

The LSA transmission delay is 1 second.

Views

Interface view

Predefined user roles

network-admin

Parameters

seconds: Specifies the LSA transmission delay in the range of 1 to 3600 seconds.

Usage guidelines

Each LSA in the LSDB has an age that is incremented by 1 every second, but the age does not change during transmission. Adding a transmission delay into the age time is important in low speed networks.

Examples

# Set the LSA transmission delay to 3 seconds on VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf trans-delay 3

ospf ttl-security

Use ospf ttl-security to enable OSPF GTSM for an interface.

Use undo ospf ttl-security to disable OSPF GTSM for an interface.

Syntax

ospf ttl-security [ hops hop-count | disable ]

undo ospf ttl-security

Default

OSPF GTSM is disabled for an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

hops hop-count: Specifies the hop limit for checking OSPF packets, in the range of 1 to 254. The default hop limit is 1 for packets from common neighbors, and is 255 for packets from virtual link neighbors.

disable: Disables OSPF GTSM for the interface.

Usage guidelines

GTSM protects the device by comparing the TTL value in the IP header of incoming OSPF packets against a valid TTL range. If the TTL value is within the valid TTL range, the packet is accepted. If not, the packet is discarded.

The valid TTL range is from 255 – the configured hop count + 1 to 255.

When GTSM is configured, the OSPF packets sent by the device have a TTL of 255. To use GTSM, you must configure GTSM on both the local and peer devices. You can specify different hop-count values for them.

The hops keyword configured in interface view takes precedence over the hops keyword configured in OSPF area view.

If the ttl-security command is not configured, the undo ospf ttl-security command disables GTSM for an interface.

If the ttl-security command is configured, the undo ospf ttl-security command removes the GTSM configuration for an interface. At the same time, the GTSM configuration for the area applies to the interface. The ospf ttl-security disable command disables GTSM for an interface.

If a virtual link exists in an area, you can enable GTSM for the interfaces on the virtual link. If you do not know the interfaces on the virtual link, enable GTSM in area view to prevent packet loss.

Examples

# Enable OSPF GTSM for VLAN-interface 10 and set the hop limit to 254.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf ttl-security hops 254

# Enable GTSM in OSPF area view and disable OSPF GTSM for VLAN-interface 10.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 1

[Sysname-ospf-100-area-0.0.0.1] ttl-security

[Sysname-ospf-100-area-0.0.0.1] quit

[Sysname-ospf-100] quit

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] ospf ttl-security disable

Related commands

ttl-security (OSPF area view)

peer (OSPF view)

Use peer to specify a neighbor in an NBMA or P2MP network.

Use undo peer to remove a neighbor in an NBMA or P2MP network.

Syntax

peer ip-address [ cost cost-value | dr-priority priority ]

undo peer ip-address

Default

No neighbor is specified.

Views

OSPF view

Predefined user roles

network-admin

Parameters

ip-address: Specifies a neighbor by its IP address.

cost cost-value: Specifies the cost to reach the neighbor, in the range of 1 to 65535.

dr-priority priority: Specifies the DR priority for the neighbor, in the range of 0 to 255. The default neighbor DR priority is 1.

Usage guidelines

In an NBMA or P2MP network, OSPF packets are sent in unicast, so you must use this command to specify neighbors.

The cost set with the peer command applies only to P2MP neighbors. If no cost is specified, the cost to the neighbor equals the local interface's cost.

A router uses the priority set with the peer command to determine whether to send a hello packet to the neighbor rather than for DR election. The DR priority set with the ospf dr-priority command is used for DR election.

Examples

# Specify the neighbor 1.1.1.1.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] peer 1.1.1.1

Related commands

ospf dr-priority

pic (OSPF view)

Use pic to enable OSPF PIC.

Use undo pic to disable OSPF PIC.

Syntax

pic [ additional-path-always ]

undo pic

Default

OSPF PIC is enabled.

Views

OSPF view

Predefined user roles

network-admin

Parameters

additional-path-always: Allows the indirect suboptimal route as the backup route.

Usage guidelines

Prefix Independent Convergence (PIC) enables the device to speed up network convergence by ignoring the number of prefixes. PIC applies only to inter-area routes and external routes.

When both OSPF PIC and OSPF FRR are configured, OSPF FRR takes effect.

Examples

# Configure OSPF PIC to support the suboptimal route as the backup route.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] pic additional-path-always

preference (OSPF view)

Use preference to set a preference for OSPF.

Use undo preference to remove the configuration.

Syntax

preference [ ase ] { preference | route-policy route-policy-name } *

undo preference [ ase ]

Default

The preference is 10 for OSPF internal routes and 150 for OSPF external routes (ASE routes).

Views

OSPF view

Predefined user roles

network-admin

Parameters

ase: Specifies a preference for OSPF external routes. If you do not specify this keyword, the command sets a preference for OSPF internal routes.

preference: Specifies the preference value in the range of 1 to 255. A smaller value represents a higher preference.

route-policy route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters, to set a preference for the specified routes.

Usage guidelines

If multiple routing protocols find routes to the same destination, the router uses the route found by the protocol with the highest preference.

When the route-policy route-policy-name option is specified, the following preferences take effect:

·     For routes matching the routing policy, the preference set in the routing policy takes effect.

·     For other routes, the preference set with the preference command takes effect.

Examples

# Set a preference of 200 for OSPF external routes.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] preference ase 200

# Set a preference of 100 for OSPF internal routes matching the specified routing policy, and set a preference of 150 for other routes.

<Sysname> system-view

[Sysname] ip prefix-list test index 10 permit 100.1.1.0 24

[Sysname] route-policy pre permit node 10

[Sysname-route-policy-pre-10] if-match ip address prefix-list test

[Sysname-route-policy-pre-10] apply preference 100

[Sysname-route-policy-pre-10] quit

[Sysname] ospf 100

[Sysname-ospf-100] preference route-policy pre 150

prefix-priority (OSPF view)

Use prefix-priority to enable prefix prioritization.

Use undo prefix-priority to disable prefix prioritization.

Syntax

prefix-priority route-policy route-policy-name

undo prefix-priority

Default

Prefix prioritization is disabled.

Views

OSPF view

Predefined user roles

network-admin

Parameters

route-policy route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters, to set a priority for the specified route prefixes.

Usage guidelines

Prefix prioritization enables the device to install prefixes in descending priority order: critical, high, medium, and low. The prefix priorities are assigned through routing policies. When a route is assigned multiple prefix priorities, it uses the highest priority.

By default, the 32-bit OSPF host routes have a medium priority and other routes have a low priority.

Examples

# Use a routing policy to assign the medium priority to the specified route prefixes.

<Sysname> system-view

[Sysname] ip prefix-list test index 10 permit 100.1.1.0 24

[Sysname] route-policy pre permit node 10

[Sysname-route-policy-pre-10] if-match ip address prefix-list test

[Sysname-route-policy-pre-10] apply prefix-priority medium

[Sysname-route-policy-pre-10] quit

[Sysname] ospf 100

[Sysname-ospf-100] prefix-priority route-policy pre

prefix-suppression

Use prefix-suppression to disable an OSPF process from advertising all IP prefixes except for the prefixes of loopback interfaces, secondary IP addresses, and passive interfaces.

Use undo prefix-suppression to restore the default.

Syntax

prefix-suppression

undo prefix-suppression

Default

An OSPF process advertises all prefixes.

Views

OSPF view

Predefined user roles

network-admin

Usage guidelines

By default, an OSPF interface advertises all of its prefixes in LSAs. To speed up OSPF convergence, you can suppress interfaces from advertising all their prefixes. This feature helps improve network security by preventing IP routing to the suppressed networks.

As a best practice, configure prefix suppression on all OSPF routers if you want to use prefix suppression.

To disable an OSPF process from advertising the prefixes of loopback and passive interfaces, configure prefix suppression on the interfaces by using the ospf prefix-suppression command.

When prefix suppression is enabled:

·     On P2P and P2MP networks, OSPF does not advertise Type-3 links in Type-1 LSAs. Other routing information can still be advertised to ensure traffic forwarding.

·     On broadcast and NBMA networks, the DR generates Type-2 LSAs with a mask length of 32 to suppress network routes. Other routing information can still be advertised to ensure traffic forwarding. If no neighbors exist, the DR also does not advertise the primary IP addresses of interfaces in Type-1 LSAs.

Examples

# Enable prefix suppression for OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] prefix-suppression

Related commands

ospf prefix-suppression

reset ospf event-log

Use reset ospf event-log to clear OSPF log information.

Syntax

reset ospf [ process-id ] event-log [ lsa-flush | peer | spf ]

Views

User view

Predefined user roles

network-admin

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify this argument, the command clears OSPF log information for all OSPF processes.

lsa-flush: Clears LSA aging log information.

peer: Clears neighbor log information.

spf: Clears route calculation log information.

Usage guidelines

If you do not specify a log type, this command clears all log information.

Examples

# Clear OSPF route calculation log information for all OSPF processes.

<Sysname> reset ospf event-log spf

Related commands

display ospf event-log

reset ospf process

Use reset ospf process to restart all OSPF processes or a specified process.

Syntax

reset ospf [ process-id ] process [ graceful-restart ]

Views

User view

Predefined user roles

network-admin

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify a process, this command restarts all OSPF processes.

graceful-restart: Resets the OSPF process by using GR.

Usage guidelines

The reset ospf process command performs the following actions:

·     Clears all invalid LSAs without waiting for their timeouts.

·     Makes a newly configured router ID take effect.

·     Starts a new DR/BDR election.

·     Keeps previous OSPF configurations.

The system prompts you to select whether to restart OSPF process upon execution of this command.

Examples

# Restart all OSPF processes.

<Sysname> reset ospf process

Reset OSPF process? [Y/N]:y

reset ospf redistribution

Use reset ospf redistribution to restart route redistribution.

Syntax

reset ospf [ process-id ] redistribution

Views

User view

Predefined user roles

network-admin

Parameters

process-id: Specifies an OSPF process by its ID in the range of 1 to 65535. If you do not specify a process, this command restarts route redistribution for all OSPF processes.

Examples

# Restart route redistribution.

<Sysname> reset ospf redistribution

reset ospf statistics

Use reset ospf statistics to clear OSPF statistics.

Syntax

reset ospf [ process-id ] statistics

Views

User view

Predefined user roles

network-admin

Parameters

process-id: Clears the statistics for an OSPF process specified by its ID in the range of 1 to 65535.

Examples

# Clear OSPF statistics for all processes.

<Sysname> reset ospf statistics

Related commands

display ospf statistics

rfc1583 compatible

Use rfc1583 compatible to enable compatibility with RFC 1583.

Use undo rfc1583 compatible to disable compatibility with RFC 1583.

Syntax

rfc1583 compatible

undo rfc1583 compatible

Default

Compatibility with RFC 1583 is enabled.

Views

OSPF view

Predefined user roles

network-admin

Usage guidelines

RFC 1583 specifies a different method than RFC 2328 for selecting the optimal route to a destination in another AS. When multiple routes are available to the ASBR, OSPF selects the optimal route by using the following procedure:

1.     Selects the route with the highest preference.

¡     If RFC 2328 is compatible with RFC 1583, all these routes have equal preference.

¡     If RFC 2328 is not compatible with RFC 1583, the intra-area route in a non-backbone area is preferred to reduce the burden of the backbone area. The inter-area route and intra-area route in the backbone area have equal preference.

2.     Selects the route with lower cost if two routes have equal preference.

3.     Selects the route with larger originating area ID if two routes have equal cost.

To avoid routing loops, set identical RFC 1583-compatibility on all routers in a routing domain.

Examples

# Disable compatibility with RFC 1583.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] undo rfc1583 compatible

router id

Use router id to configure a global router ID.

Use undo router id to restore the default.

Syntax

router id router-id

undo router id

Default

No global router ID is configured.

Views

System view

Predefined user roles

network-admin

Parameters

router-id: Specifies the router ID, in the format of an IPv4 address.

Usage guidelines

OSPF uses a router ID to identify a device. If no router ID is specified, the global router ID is used.

If no global router ID is configured, the highest loopback interface IP address is used as the router ID. If no loopback interface IP address is available, the highest physical interface IP address is used, regardless of the interface status (up or down).

During an active/standby process switchover, the new active process checks whether the previously backed up router ID is valid. If not, the process selects a new router ID.

A new router ID is selected only when the interface IP address used as the router ID is removed or changed. Other events will not trigger a router ID re-selection. For example, router ID re-selection is not triggered in the following situations:

·     The interface goes down.

·     You change the router ID to the address of a loopback interface after a physical interface address is selected as the router ID.

·     A higher interface IP address is configured as the router ID.

After a router ID is changed, you must use the reset command to enable it.

Examples

# Configure a global router ID as 1.1.1.1.

<Sysname> system-view

[Sysname] router id 1.1.1.1

silent-interface (OSPF view)

Use silent-interface to disable an interface or all interfaces from receiving and sending OSPF packets.

Use undo silent-interface to remove the configuration.

Syntax

silent-interface { interface-type interface-number | all }

undo silent-interface { interface-type interface-number | all }

Default

An interface can receive and send OSPF packets.

Views

OSPF view

Predefined user roles

network-admin

Parameters

interface-type interface-number: Specifies an interface by its type and number.

all: Specifies all interfaces.

Usage guidelines

To disable a network from receiving and sending OSPF routes, use the command on the interface connected to the network.

Examples

# Disable VLAN-interface 10 from receiving and sending OSPF packets.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] silent-interface vlan-interface 10

snmp trap rate-limit

Use snmp trap rate-limit to set the SNMP notification output interval and the maximum number of SNMP notifications that can be output at each interval.

Use undo snmp trap rate-limit to restore the default.

Syntax

snmp trap rate-limit interval trap-interval count trap-number

undo snmp trap rate-limit

Default

OSPF outputs a maximum of seven SNMP notifications within 10 seconds.

Views

OSPF view

Predefined user roles

network-admin

Parameters

interval trap-interval: Specifies the SNMP notification output interval in the range of 2 to 60 seconds.

count trap-number: Specifies the number of SNMP notifications output by OSPF at each interval, in the range of 0 to 300. The value of 0 indicates that OSPF does not output SNMP notifications.

Examples

# Configure OSPF to output a maximum of 10 SNMP notifications within 5 seconds.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] snmp trap rate-limit interval 5 count 10

snmp-agent trap enable ospf

Use snmp-agent trap enable ospf to enable SNMP notifications for OSPF.

Use undo snmp-agent trap enable ospf to disable SNMP notifications for OSPF.

Syntax

snmp-agent trap enable ospf [ authentication-failure | bad-packet | config-error | grhelper-status-change | grrestarter-status-change | if-state-change | lsa-maxage | lsa-originate | lsdb-approaching-overflow | lsdb-overflow | neighbor-state-change | nssatranslator-status-change | retransmit | virt-authentication-failure | virt-bad-packet | virt-config-error | virt-retransmit | virtgrhelper-status-change | virtif-state-change | virtneighbor-state-change ] *

undo snmp-agent trap enable ospf [ authentication-failure | bad-packet | config-error | grhelper-status-change | grrestarter-status-change | if-state-change | lsa-maxage | lsa-originate | lsdb-approaching-overflow | lsdb-overflow | neighbor-state-change | nssatranslator-status-change | retransmit | virt-authentication-failure | virt-bad-packet | virt-config-error | virt-retransmit | virtgrhelper-status-change | virtif-state-change | virtneighbor-state-change ] *

Default

SNMP notifications for OSPF are enabled.

Views

System view

Predefined user roles

network-admin

Parameters

authentication-failure: Specifies notifications about authentication failures on an interface.

bad-packet: Specifies notifications about error messages received on an interface.

config-error: Specifies notifications about error configuration of an interface.

grhelper-status-change: Specifies notifications about GR helper state change.

grrestarter-status-change: Specifies notifications about GR restarter state change.

if-state-change: Specifies notifications about interface state change.

lsa-maxage: Specifies LSA max age notifications.

lsa-originate: Specifies notifications about locally generated LSAs.

lsdb-approaching-overflow: Specifies notifications about approaching LSDB overflows.

lsdb-overflow: Specifies LSDB overflow notifications.

neighbor-state-change: Specifies notifications about neighbor state change.

nssatranslator-status-change: Specifies notifications about NSSA translator state change.

retransmit: Specifies notifications about packets that are received and forwarded on an interface.

virt-authentication-failure: Specifies notifications about authentication failures on a virtual interface.

virt-bad-packet: Specifies notifications about error messages received on a virtual interface.

virt-config-error: Specifies notifications about error configuration of a virtual interface.

virt-retransmit: Specifies notifications about packets that are received and forwarded on a virtual interface.

virtgrhelper-status-change: Specifies notifications about neighbor GR helper state changes of a virtual interface.

virtif-state-change: Specifies notifications about virtual interface state change.

virtneighbor-state-change: Specifies notifications about the neighbor state change of a virtual interface.

Examples

# Disable SNMP notifications for OSPF.

<Sysname> system-view

[Sysname] undo snmp-agent trap enable ospf

spf-schedule-interval (OSPF view)

Use spf-schedule-interval to set the OSPF SPF calculation interval.

Use undo spf-schedule-interval to restore the default.

Syntax

spf-schedule-interval maximum-interval [ minimum-interval [ incremental-interval ] ]

undo spf-schedule-interval

Default

The maximum calculation interval is 5 seconds, the minimum interval is 50 milliseconds, and the incremental interval is 200 milliseconds.

Views

OSPF view

Predefined user roles

network-admin

Parameters

maximum-interval: Specifies the maximum OSPF SPF calculation interval in the range of 1 to 60 seconds.

minimum-interval: Specifies the minimum OSPF SPF calculation interval in the range of 10 to 60000 milliseconds.

incremental-interval: Specifies the incremental OSPF SPF calculation interval in the range of 10 to 60000 milliseconds.

Usage guidelines

Based on the LSDB, an OSPF router uses SPF to calculate a shortest path tree with itself as the root. OSPF uses the shortest path tree to determine the next hop to a destination. By adjusting the SPF calculation interval, you can prevent overconsumption of bandwidth and router resources due to frequent topology changes.

For a stable network, the minimum interval is used. If network changes become frequent, the SPF calculation interval is incremented by the incremental interval × 2n-2 for each calculation until the maximum interval is reached. The value n is the number of calculation times.

The minimum interval and the incremental interval cannot be greater than the maximum interval.

Examples

# Set the maximum SPF calculation interval to 10 seconds, minimum interval to 500 milliseconds, and incremental interval to 300 milliseconds.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] spf-schedule-interval 10 500 300

stub (OSPF area view)

Use stub to configure an area as a stub area.

Use undo stub to restore the default.

Syntax

stub [ default-route-advertise-always | no-summary ] *

undo stub

Default

No area is a stub area.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

default-route-advertise-always: Enables the ABR to advertise a default route in a Type-3 LSA into the stub area regardless of whether FULL-state neighbors exist in the backbone area. If you do not specify this keyword, the ABR advertises a default route in a Type-3 LSA into the stub area only when a minimum of one FULL-state neighbor exists in the backbone area.

no-summary: Enables the ABR to advertise only a default route in a Type-3 LSA into the stub area without advertising any other Type-3 LSAs. The area is a totally stub area.

Usage guidelines

To configure an area as a stub area, use the stub command on all routers attached to the area.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure Area 1 as a stub area.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 1

[Sysname-ospf-100-area-0.0.0.1] stub

Related commands

default-cost (OSPF area view)

stub-router (OSPF view)

Use stub-router to configure a router as a stub router.

Use undo stub-router to restore the default.

Syntax

stub-router [ external-lsa [ max-metric-value ] | include-stub | on-startup { seconds | wait-for-bgp [ seconds ] } | summary-lsa [ max-metric-value ] ] *

undo stub-router

Default

The router is not configured as a stub router.

Views

OSPF view

Predefined user roles

network-admin

Parameters

external-lsa max-metric-value: Specifies a cost for the external LSAs, in the range of 1 to 16777215. The default is 16711680.

include-stub: Specifies the cost of the stub links (link type 3) in Router LSAs to the maximum value 65535.

on-startup seconds: Specifies the router as a stub router during reboot, and specifies the timeout time in the range of 5 to 86400 seconds.

wait-for-bgp seconds: Specifies the router as a stub router during BGP route convergence after reboot, and specifies the timeout time in the range of 5 to 86400 seconds. The default timeout time is 600 seconds.

summary-lsa max-metric-value: Specifies a cost for the Type-3 LSAs, in the range of 1 to 16777215. The default cost value is 16711680.

Usage guidelines

The router LSAs sent by the stub router over different links contain different link type values. A value of 3 represents a link to a stub network, and the cost of the link is not changed. A value of 1, 2, or 4 represents a point-to-point link, a link to a transit network, or a virtual link. The cost of these links is set to 65535. Neighbors on such links will not send packets to the stub router as long as they have a route with a smaller cost.

Examples

# Configure a stub router.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] stub-router

transmit-pacing

Use transmit-pacing to set the LSU transmission interval and the maximum number of LSU packets that can be sent at each interval.

Use undo transmit-pacing to restore the default.

Syntax

transmit-pacing interval interval count count

undo transmit-pacing

Default

An OSPF interface sends a maximum of three LSU packets every 20 milliseconds.

Views

OSPF view

Predefined user roles

network-admin

Parameters

interval interval: Specifies an interval at which an interface sends LSU packets, in the range of 10 to 1000 milliseconds. If the router has multiple OSPF interfaces, increase this interval to reduce the total number of LSU packets sent by the router every second.

count count: Specifies the maximum number of LSU packets sent by an interface at each interval, in the range of 1 to 200. If the router has multiple OSPF interfaces, decrease the maximum number to reduce the total number of LSU packets sent by the router every second.

Examples

# Configure all the interfaces running OSPF process 1 to send a maximum of 10 LSU packets every 30 milliseconds.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] transmit-pacing interval 30 count 10

ttl-security

Use ttl-security to enable OSPF GTSM for an area.

Use undo ttl-security to disable OSPF GTSM for an area.

Syntax

ttl-security [ hops hop-count ]

undo ttl-security

Default

OSPF GTSM is disabled for an OSPF area.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

hops hop-count: Specifies the hop limit for checking OSPF packets, in the range of 1 to 254. The default hop limit is 1 for packets from common neighbors, and is 255 for packets from virtual link neighbors.

Usage guidelines

The GTSM configuration in OSPF area view applies to all OSPF interfaces in the area.

GTSM protects the device by comparing the TTL value in the IP header of incoming OSPF packets against a valid TTL range. If the TTL value is within the valid TTL range, the packet is accepted. If not, the packet is discarded.

The valid TTL range is from 255 – the configured hop count + 1 to 255.

When GTSM is configured, the OSPF packets sent by the device have a TTL of 255. To use GTSM, you must configure GTSM on both the local and peer devices. You can specify different hop-count values for them.

The hops keyword configured in interface view takes precedence over the hops keyword configured in OSPF area view.

As a best practice, set the hop limit if a virtual link exists in an area. You can enable GTSM for the interfaces on the virtual link. If you do not know the interfaces on the virtual link, enable GTSM in area view to prevent packet loss.

Examples

# Enable OSPF GTSM for OSPF area 1.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 1

[Sysname-ospf-100-area-0.0.0.1] ttl-security

Related commands

ospf ttl-security

vlink-peer (OSPF area view)

Use vlink-peer to configure a virtual link.

Use undo vlink-peer to remove a virtual link.

Syntax

vlink-peer router-id [ dead seconds | hello seconds | { { hmac-md5 | md5 } key-id { cipher | plain } string | keychain keychain-name | simple { cipher | plain } string } | retransmit seconds | trans-delay seconds ] *

undo vlink-peer router-id [ dead | hello | { hmac-md5 | md5 } key-id | keychain | retransmit | simple | trans-delay ] *

Default

No virtual links exist.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

router-id: Specifies the router ID of the neighbor on the virtual link.

dead seconds: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40. The dead interval must be identical with that on the virtual link neighbor, and a minimum of four times the hello interval.

hello seconds: Specifies the hello interval in the range of 1 to 8192 seconds. The default is 10. It must be identical with the hello interval on the virtual link neighbor.

hmac-md5: Specifies the HMAC-MD5 authentication mode.

md5: Specifies the MD5 authentication mode.

simple: Specifies the simple authentication mode.

key-id: Specifies the key ID for MD5 or HMAC-MD5 authentication, in the range of 1 to 255.

cipher: Specifies a key in encrypted form.

plain: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key. This argument is case sensitive.

·     In simple authentication mode, the plaintext form of the key is a string of 1 to 8 characters. The encrypted form of the key is a string of 33 to 41 characters.

·     In MD5/HMAC-MD5 authentication mode, the plaintext form of the key is a string of 1 to 16 characters. The encrypted form of the key is a string of 33 to 53 characters.

keychain: Specifies the keychain authentication mode.

keychain-name: Specifies a keychain by its name, a case-sensitive string of 1 to 63 characters.

retransmit seconds: Specifies the retransmission interval in the range of 1 to 3600 seconds. The default is 5.

trans-delay seconds: Specifies the transmission delay interval in the range of 1 to 3600 seconds. The default is 1.

Usage guidelines

As defined in RFC 2328, all non-backbone areas must maintain connectivity to the backbone. You can use the vlink-peer command to configure a virtual link to connect an area to the backbone.

When you configure this command, follow these guidelines:

·     The smaller the hello interval is, the faster the network converges, and the more network resources are consumed.

·     A retransmission interval that is too small can cause unnecessary retransmissions. A large value is appropriate for a low speed link.

·     Specify an appropriate transmission delay with the trans-delay keyword.

You can specify either MD5/HMAC-MD5 authentication or simple authentication for a virtual link. For MD5/HMAC-MD5 authentication, you can configure multiple keys by executing this command multiple times, and each command must have a unique key ID and key string.

To modify the key of a virtual link, perform the following key rollover configurations:

1.     Configure a new MD5/HMAC-MD5 authentication key for the virtual link on the local device. If the new key is not configured on the neighbor device, MD5/HMAC-MD5 authentication key rollover is triggered. During key rollover, OSPF sends multiple packets that contain both the new and old MD5/HMAC-MD5 authentication keys to ensure that the neighbor device can pass the authentication.

2.     Configure the new MD5/HMAC-MD5 authentication key on the neighbor device. When the local device receives packets with the new key from the neighbor device, it exits MD5 key rollover.

3.     Delete the old MD5/HMAC-MD5 authentication key from the local device and the neighbor. This step helps prevent attacks from devices that use the old key for communication and reduces system resources and bandwidth consumption caused by key rollover.

When keychain authentication is configured for an OSPF virtual link, OSPF performs the following operations before sending a packet:

1.     Obtains a valid send key from the keychain.

OSPF does not send the packet if it fails to obtain a valid send key.

2.     Uses the key ID, authentication algorithm, and key string to authenticate the packet.

If the key ID is greater than 255, OSPF does not send the packet.

When keychain authentication is configured for an OSPF virtual link, OSPF performs the following operations after receiving a packet:

1.     Uses the key ID carried in the packet to obtain a valid accept key from the keychain.

OSPF discards the packet if it fails to obtain a valid accept key.

2.     Uses the authentication algorithm and key string for the valid accept key to authenticate the packet.

If the authentication fails, OSPF discards the packet.

OSPF supports theMD5 and HMAC-MD5 authentication algorithms.

The ID of keys used for authentication can only be in the range of 0 to 255.

Examples

# Configure a virtual link to the neighbor with router ID 1.1.1.1.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] area 2

[Sysname-ospf-100-area-0.0.0.2] vlink-peer 1.1.1.1

Related commands

authentication-mode

display ospf vlink

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网