The import filter is used to filter what can be imported in the OSPF AS from either external sources
(like the main routing table or a policy based routing table) or inside the OSPF area.
External
Specifies the network addresses allowed to be imported into this OSPF area from
external routing sources.
Interarea
Specifies the network addresses allowed to be imported from other routers inside the
OSPF area.
4.5.3.3. OSPF Interface
This section describes how to configure an OSPF Interface object. OSPF interface objects are
children of OSPF areas. Unlike areas, they are not similar on each NetDefend Firewall in the OSPF
network. The purpose of an OSPF interface object is to describe a specific interface which will be
part of an OSPF network.
Note: Different interface types can be used with OSPF interfaces
Note that an OSPF Interface does not always correspond to a physical interface
although this is the most common usage. Other types of interfaces, such as a VLAN,
could instead be associated with an OSPF Interface.
General Parameters
Interface
Specifies which interface on the firewall will be used for this OSPF
interface.
Network
Specifies the IPv4 network address for this OSPF interface. If is not
specified it defaults to the network assigned to the underlying NetDefendOS
interface.
This network is automatically exported to the OSPF AS and does not require
a Dynamic Routing Rule.
Interface Type
This can be one of the following:
•
Auto - Tries to automatically detect interface type. This can be used for
physical interfaces.
•
Broadcast - The Broadcast interface type is an interface that has native
Layer 2 broadcast/multicast capabilities. The typical example of a
broadcast/multicast network is an ordinary physical Ethernet interface.
When broadcast is used, OSPF will send OSPF Hello packets to the IP
multicast address 224.0.0.5. Those packets will be heard by all other the
OSPF routers on the network. For this reason, no configuration of OSPF
Neighbor objects is required for the discovery of neighboring routers.
•
Point-to-Point - Point-to-Point is used for direct links which involve
only two routers (in other words, two firewalls). A typical example of
this is a VPN tunnel which is used to transfer OSPF traffic between two
firewalls. The neighbor address of such a link is configured by defining
an OSPF Neighbour object.
Using VPN tunnels is discussed further in Section 4.5.5, “Setting Up
OSPF”.
•
Point-to-Multipoint - The Point-to-Multipoint interface type is a
collection of Point-to-Point networks, where there is more then one
router in a link that does not have OSI Layer 2 broadcast/multicast
capabilities.
4.5.3. OSPF Components
Chapter 4. Routing
210
Summary of Contents for NetDefend DFL-1660
Page 28: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 28 ...
Page 88: ...2 6 3 Restore to Factory Defaults Chapter 2 Management and Maintenance 88 ...
Page 166: ...3 10 DNS Chapter 3 Fundamentals 166 ...
Page 254: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 254 ...
Page 268: ...5 4 IP Pools Chapter 5 DHCP Services 268 ...
Page 368: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 368 ...
Page 390: ...7 4 7 SAT and FwdFast Rules Chapter 7 Address Translation 390 ...
Page 414: ...8 3 Customizing Authentication HTML Pages Chapter 8 User Authentication 414 ...
Page 490: ...9 8 6 Specific Symptoms Chapter 9 VPN 490 ...
Page 528: ...10 4 6 Setting Up SLB_SAT Rules Chapter 10 Traffic Management 528 ...
Page 544: ...11 7 HA Advanced Settings Chapter 11 High Availability 544 ...
Page 551: ...12 3 5 Limitations Chapter 12 ZoneDefense 551 ...
Page 574: ...Default 512 13 9 Miscellaneous Settings Chapter 13 Advanced Settings 574 ...
Page 575: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 575 ...