09-06-2006 09:42 AM - edited 03-03-2019 01:53 PM
We are looking to move away from a single area ospf design to multiple areas. Right now we are using just area 1. We would also like to do better summarization, authentication, etc.
I was thinking we could make the transition smoother by running two OSPF processes on our routers, and moving things across as we migrate. For example here is router A
router ospf 100
log-adjacency-changes
redistribute static
network 10.255.1.0 0.0.0.255 area 1
network 10.255.2.0 0.0.0.255 area 1
network 10.255.3.0 0.0.0.255 area 1
network 10.255.255.254 0.0.0.0 area 1
network 10.1.0.0 0.0.255.255 area 1
My plan was to add a process because I am assuming that authentication is enabled on a process level and once turned on I would break routing unless I have everything configured. So I would add the following configs:
router ospf 100
log-adjacency-changes
redistribute static
network 10.255.1.0 0.0.0.255 area 1
network 10.255.2.0 0.0.0.255 area 1
network 10.255.3.0 0.0.0.255 area 1
router ospf 875
log-adjacency-changes
network 10.1.0.0 0.0.255.255 area 0
area 0 authentication message-digest
Now my questions
1). If I want to summarize routes coming into the newly created area 0 from area 1 do I put the area X range commands on that process (100) or 875 (area 0).
2). Would I redistribute routes between the two processes?
Thanks
09-06-2006 06:01 PM
You require to redistribute the routes between two processes, but beware to avoid to redistribute the route back from original process. Apply route-map during the reditribution to avoid it.
Once you resdistributed the routes, you can summarize it in new process.
Moreover, it is correct that always use area 0 to be the backbone area.
But why require two process ? And not simply to change 10.1.1.0/16 to area 0 then you don't need redistribution. You are correct that enable the authentication of area 0 but it won't affect area 1 because there is no such authentication command. So it won't affect the area 1 user until you enable the authentication at area 1 too. I belive the authentication modication is simplier than control routes between redistribution.
I suggest you take a trail run at lab before actual migration.
Please check below for the OSPF design guide :
http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080094e9e.shtml
Hope this helps.
09-06-2006 10:30 PM
Hi,
it would be much easier to change authentication than running two ospf processes. Authentication can be implemented per-area, but overriden with per-interface configuration (ip ospf authentication in interface config mode)
sample example and summary to ospf authentication you could find on http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080094069.shtml
regards,
anton
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide