IP routing configuration examples 135

To create the OSPF interface illustrated above for router R1, follow this procedure:

Step Action

1Configure brouter port OSPF interface.

Configure port 2 as a brouter port with VLAN ID of 2134 and enable OSPF on this interface.

5530-24TFD# config terminal

5530-24TFD(config)# interface fast 2

5530-24TFD(config-if)# brouter port 2 vlan 2134 subnet 10.1.1.21/30

5530-24TFD(config-if)# router ospf

5530-24TFD(config-router)# network 10.1.1.21

2Configure the VLAN OSPF interface.

Create a port-based VLAN (VLAN 2) using spanning tree group 1, assign IP address 172.3.1.1 to VLAN 2 and enable OSPF on this interface.

5530-24TFD(config)# vlan create 2 type port

5530-24TFD(config)# spanning-tree stp 1 add-vlan 2 5530-24TFD(config)# vlan member add 2 1 5530-24TFD(config)# interface vlan 2

5530-24TFD(config-if)# ip address 172.3.1.1 255.255.255.0

5530-24TFD(config-if)# router ospf

5530-24TFD(config-router)# network 172.3.1.1

3Assign a router ID to the new interface and enable OSPF globally.

5530-24TFD(config)# router ospf

5530-24TFD(config-router)# router-id 1.1.1.1

5530-24TFD(config-router)# exit

5530-24TFD(config)# router ospf enable

—End—

OSPF security

The Nortel Ethernet Routing Switch 5500 Series implementation of OSPF includes security mechanisms to prevent the OSPF routing domain from being attacked by unauthorized routers. These security mechanisms prevent a malicious person from joining an OSPF domain and advertising false information in its OSPF link state advertisements. Likewise, the security prevents a misconfigured router from joining an OSPF domain. Currently there are two security mechanisms supported: simple password security and Message Digest 5 (MD5) security.

Nortel Ethernet Routing Switch 5500 Series

Configuration-IP Routing Protocols

NN47200-503 03.01 Standard

5.127 August 2007

Copyright © 2005-2007, Nortel Networks

Page 135
Image 135
Nortel Networks NN47200-503 manual Ospf security