24-9
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter24 Configuring OSPF
Customizing OSPF
ospf authentication-key key
Example:
hostname(config-interface)# ospf
authentication-key cisco
Allows you to assign a password to be used by neighboring OSPF
routers on a network segment that is using the OSPF simple
password authentication.
The key argument can be any continuous string of characters up to
8 bytes in length.
The password created by this command is used as a key that is
inserted directly into the OSPF header when the ASA software
originates routing protocol packets. A separate password can be
assigned to each network on a per-interface basis. All neighboring
routers on the same network must have the same password to be
able to exchange OSPF information.
ospf cost cost
Example:
hostname(config-interface)# ospf cost 20
Allows you to explicitly specify the cost of sending a packet on
an OSPF interface. The cost is an integer from 1 to 65535.
In this example, the cost is set to 20.
ospf dead-interval seconds
Example:
hostname(config-interface)# ospf
dead-interval 40
Allows you to set the number of seconds that a device must wait
before it declares a neighbor OSPF router down because it has not
received a hello packet. The value must be the same for all nodes
on the network.
In this example, the dead interval is set to 40.
ospf hello-interval seconds
Example:
hostname(config-interface)# ospf
hello-interval 10
Allows you to specify the length of time between the hello
packets that the ASA sends on an OSPF interface. The value must
be the same for all nodes on the network.
In this example, the hello interval is set to 10.
ospf message-digest-key key_id md5 key
Example:
hostname(config-interface)# ospf
message-digest-key 1 md5 cisco
Enables OSPF MD5 authentication.
The following argument values can be set:
key_id—An identifier in the range from 1 to 255.
key—An alphanumeric password of up to 16 bytes.
Usually, one key per interface is used to generate authentication
information when sending packets and to authenticate incoming
packets. The same key identifier on the neighbor router must have
the same key value.
We recommend that you not keep more than one key per interface.
Every time you add a new key, you should remove the old key to
prevent the local system from continuing to communicate with a
hostile system that knows the old key. Removing the old key also
reduces overhead during rollover.
ospf priority number_value
Example:
hostname(config-interface)# ospf priority
20
Allows you to set the priority to help determine the OSPF
designated router for a network.
The number_value argument ranges from 0 to 255.
In this example, the priority number value is set to 20.
Command Purpose