RuggedCom RX1100, RX1000 manual Link Detect, Configuring Ospf Link Costs, Ospf Authentication

Chapter 13 – Configuring Dynamic Routing

Link Detect

When link detect is enabled for an OSPF/RIP active interface, OSPF or RIP will be notified when the interface goes down and will stop advertising subnets associated with that interface. OSPF and RIP will resume advertising the subnet when the link is restored. This allows OSPF and RIP to detect link failures more rapidly (as the router does not have to wait a dead interval to time out). Link Detect will also cause

“redistributed” routes to start and stop being advertised based upon the status of their interface links.

Configuring OSPF Link Costs

Link cost is used when multiple links can reach a given destination, to determine which route to use. OSPF will (by default) assign the same cost to all links unless provided with extra information about the links. Each interface is assumed to be 10Mbit unless told otherwise in the Core Interface configuration.

The reference bandwidth for link cost calculations is 100Mbit by default in the OSPF Global Parameters. The reference bandwidth divided by the link bandwidth gives the default cost for a link, which by default is 10. If a specific bandwidth is assigned to each link, the costs will take this into account.

It is also possible to manually assign a cost to using a link in the OSPF Interface Configuration for each interface for cases where the speed of the link is not desired as the method for choosing the best link.

OSPF Authentication

OSPF authentication is used when it is desirable to prevent unauthorized routers from joining the OSPF network. By enabling authentication and configuring a shared key on all the routers, only routers which have the same authentication key will be able to send and receive advertisements within the OSPF network. Authentication adds a small overhead due to the encryption of messages, so is not to be preferred on completely private networks with controlled access.

RIP Authentication

RIP authentication is used when it is desirable to prevent unauthorized routers from joining the network. RIP authentication is supported by per-interface configuration or the use of key-chains. Separate key chains spanning different groups of interfaces and having separate lifespans are possible. By enabling authentication and configuring a shared key on all the routers, only routers which have the same authentication key will be able to send and receive advertisements within the RIP network.

OSPF And Antispoofing

Antispoofing is the process of discarding packets arriving on an interface because they match the subnet of another configure interface. This is not a normal occurrence in conventional routing. This situation can arise in OSPF, when routers are multiply connected. If for example two routers are connected by lower speed wan and higher speed Ethernet links, packets on subnets native to the wan will still be forwarded via Ethernet because of cost. If antispoofing is enabled, the packet will be discarded at the peer OSPF router.