Configuring OSPF
FWSM can run two processes of OSPF protocol simultaneously, on different sets of interfaces. You
might want to run two processes if you have interfaces that use the same IP addresses (NAT allows these
interfaces to coexist, but OSPF does not allow overlapping addresses). Or you might want to run one
process on the inside, and another on the outside, and redistribute a subset of routes between the two
processes. Similarly, you might need to segregate private addresses from public addresses.
Redistribution between the two OSPF processes is supported. Static and connected routes configured on
OSPF-enabled interfaces on FWSM can also be redistributed into the OSPF process. You cannot enable
RIP on FWSM if OSPF is enabled. Redistribution between RIP and OSPF is not supported.
FWSM supports the following OSPF features:
•
•
•
•
•
•
•
•
Enabling OSPF
To enable OSPF, you need to create an OSPF routing process, specify the range of IP addresses
associated with the routing process, then assign area IDs associated with that range of IP addresses.
You cannot enable OSPF if RIP is enabled.
Note
To enable OSPF, perform the following steps:
To create an OSPF routing process, enter the following command:
Step 1
hostname(config)# router ospf process_id
This command enters the router configuration mode for this OSPF process.
The process_id is an internally used identifier for this routing process. It can be any positive integer. This
ID does not have to match the ID on any other device; it is for internal use only. You can use a maximum
of two processes.
Step 2
To define the IP addresses on which OSPF runs and to define the area ID for that interface, enter the
following command:
hostname(config-router)# network ip_address mask area area_id
The following example shows how to enable OSPF:
hostname(config)# router ospf 2
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
8-10
Support of intra-area, interarea, and external (Type I and Type II) routes.
Support of a virtual link.
OSPF LSA flooding.
Authentication to OSPF packets (both password and MD5 authentication).
Support for configuring FWSM as a designated router or a designated backup router. FWSM also
can be set up as an ABR; however, the ability to configure the FWSM as an ASBR is limited to
default information only (for example, injecting a default route).
Support for stub areas and not-so-stubby-areas.
Area boundary router type-3 LSA filtering.
Advertisement of static and global address translations.
Chapter 8
Configuring IP Routing and DHCP Services
OL-20748-01