64-26
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 64 Configuring Routing Policies
OSPF Routing on Cisco IOS Routers
Note Do not use clear text authentication in OSPF packets for security purposes, because the
unencrypted authentication key is sent in every packet. Use clear text authentication only when
security is not an issue, for example, to ensure that misconfigured hosts do not participate in
routing.
Step 5 (Optional) Under Properties, configure interface parameters as required. See Table 64-12 on page 64-32
for information about each parameter.
Step 6 Click OK to save your definitions. The defined interfaces appear on the OSPF Interface page.
Step 7 Repeat the process to define interface-specific parameters on additional OSPF interfaces.
Understanding Interface Cost
The cost of an OSPF interface is a metric representing the cost of sending a packet over that interface.
By default, this cost is calculated using this formula:
10 8 / bandwidth [bits per second]
For example, if the bandwidth of a Fast Ethernet interface is 10 Mbps (equal to 10 7), the cost of sending
packets over that interface is calculated as 10 8 /10 7 or 10. This formula establishes an inverse
relationship between the bandwidth of an interface and its cost; the greater the bandwidth, the lower the
cost.
Although cost is a calculated value, you can manually enter the cost of a selected interface.
Related Topics
Understanding Interface Priority, page64-26
Disabling MTU Mismatch Detection, page 64-27
Blocking LSA Flooding, page 64-27
Understanding OSPF Timer Settings, page 64-28
Understanding the OSPF Network Type, page 64-29
Understanding OSPF Interface Authentication, page 64-29
Defining OSPF Interface Settings, page 64-25
Understanding Interface Priority
Routers that share a common segment are elected through the Hello protocol to be neighbors on that
segment. Election occurs as soon as the routers see themselves listed in their neighbor’s hello packet.
Adjacency is the next step. Adjacent routers are routers that proceed beyond the simple Hello exchange
to a database exchange.
On each multiaccess (as opposed to point-to-point) segment, OSPF elects one router as the designated
router (DR) for that segment. The DR acts as a central point of contact to minimize information
exchange. Each router in the segment sends updates to the DR, which in turn relays the information to
the other routers. A second router is elected as the backup designated router (BDR) in case the DR goes
down.