Destination
Specifies into which routing table the route changes to the OSPF
AS should be imported.
Offset Metric
Increases the metric by this value.
Offset Metric Type 2
Increases the Type 2 router's metric by this value.
Limit Metric To
Limits the metrics for these routes to a minimum and maximum
value. If a route has a higher value than specified then it will be
set to the specified value.
Static Route Override
Allows the override of the static routes.
Default Route Override
Allows the override of the default route.
4.5.5. Setting Up OSPF
Setting up OSPF can seem complicated because of the large number of configuration possibilities
that OSPF offers. However, in many cases a simple OSPF solution using a minimum of
NetDefendOS objects is needed and setup can be straightforward.
Let us examine again the simple scenario described earlier with just two NetDefend Firewalls.
In this example we connect together the two NetDefend Firewalls with OSPF so they can share the
routes in their routing tables. Both will be inside a single OSPF area which will be part of a single
OSPF autonomous system (AS). If unfamiliar with these OSPF concepts, please refer to earlier
sections for further explanation.
Beginning with just one of these firewalls, the NetDefendOS setup steps are as follows:
1. Create an OSPF Router object
Create a NetDefendOS OSPF Router Process object. This will represent an OSPF Autonomous Area
(AS) which is the highest level in the OSPF hierarchy. Give the object an appropriate name. The
Router ID can be left blank since this will be assigned automatically by NetDefendOS.
2. Add an OSPF Area to the OSPF Router
Within the OSPF Router Process created in the previous step, add a new OSPF Area object. Assign
an appropriate name and use the value 0.0.0.0 for the Area ID.
An AS can have multiple areas but in many cases only one is needed. The ID 0.0.0.0 identifies this
area as the backbone area which forms the central portion of the AS.
3. Add OSPF Interfaces to the OSPF Area
Within the OSPF Area created in the previous step, add a new OSPF Interface for each physical
interface that will be part of the area.
The OSPF Interface object needs the following parameters specified in its properties:
•
Interface - the physical interface which will be part of the OSPF area.
•
Network - the network on the interface that will be part of the area.
This does not need to be specified and if it is not, the network assigned to the physical interface
is used. For example if lan is the interface then lannet will be the default network.
•
Interface Type - this would normally be Auto so that the correct type is automatically selected.
•
The Passive option No OSPF routers connected to this interface must be enabled if the
physical interface does not connect directly to another OSPF Router (in other words, with
4.5.5. Setting Up OSPF
Chapter 4. Routing
216
Summary of Contents for NetDefend DFL-1660
Page 28: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 28 ...
Page 88: ...2 6 3 Restore to Factory Defaults Chapter 2 Management and Maintenance 88 ...
Page 166: ...3 10 DNS Chapter 3 Fundamentals 166 ...
Page 254: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 254 ...
Page 268: ...5 4 IP Pools Chapter 5 DHCP Services 268 ...
Page 368: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 368 ...
Page 390: ...7 4 7 SAT and FwdFast Rules Chapter 7 Address Translation 390 ...
Page 414: ...8 3 Customizing Authentication HTML Pages Chapter 8 User Authentication 414 ...
Page 490: ...9 8 6 Specific Symptoms Chapter 9 VPN 490 ...
Page 528: ...10 4 6 Setting Up SLB_SAT Rules Chapter 10 Traffic Management 528 ...
Page 544: ...11 7 HA Advanced Settings Chapter 11 High Availability 544 ...
Page 551: ...12 3 5 Limitations Chapter 12 ZoneDefense 551 ...
Page 574: ...Default 512 13 9 Miscellaneous Settings Chapter 13 Advanced Settings 574 ...
Page 575: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 575 ...