D-Link DFL-260-IPS-12 Product Manual - Page 184
OSPF Neighbors, 4.5.3.5. OSPF Aggregates, 4.5.3.6. OSPF VLinks, Setting Up
View all D-Link DFL-260-IPS-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 184 highlights
4.5.3. OSPF Components Chapter 4. Routing Sometimes there is a need to include networks into the OSPF routing process, without running OSPF on the interface connected to that network. This is done by enabling the option: No OSPF routers connected to this interface ("Passive"). This is an alternative to using a Dynamic Routing Policy to import static routes into the OSPF routing process. If the Ignore received OSPF MTU restrictions is enabled, OSPF MTU mismatches will be allowed. 4.5.3.4. OSPF Neighbors In some scenarios the neighboring OSPF router to a firewall needs to be explicitly defined. For example, when the connection is not between physical interfaces. The most common situation for using this is when a VPN tunnel is used to connect two neighbors and we need to tell NetDefendOS that the OSPF connection needs to be made through the tunnel. This type of VPN usage with IPsec tunnels is described further in Section 4.5.5, "Setting Up OSPF". NetDefendOS OSPF Neighbor objects are created within an OSPF Area and each object has the following property parameters: Interface Specifies which OSPF interface the neighbor is located on. IP Address The IP Address of the neighbor. This is the IP Address of the neighbors OSPF interface connecting to this router. For VPN tunnels this will be the IP address of the tunnel's remote end. Metric Specifies the metric to this neighbor. 4.5.3.5. OSPF Aggregates OSPF Aggregation is used to combine groups of routes with common addresses into a single entry in the routing table. If advertised this will decreases the size of the routing table in the firewall, if not advertised this will hide the networks. NetDefendOS OSPF Aggregate objects are created within an OSPF Area and each object has the following parameters: Network The network consisting of the smaller routers. Advertise If the aggregation should be advertised or not. In most, simple OSPF scenarios, OSPF Aggregate objects will not be needed. 4.5.3.6. OSPF VLinks All areas in an OSPF AS must be physically connected to the backbone area (the area with ID 0). In some cases this is not possible and in that case a Virtual Link (VLink) can be used to connect to the backbone through a non-backbone area. NetDefendOS OSPF VLink objects are created within an OSPF Area and each object has the following parameters: General Parameters Name Symbolic name of the virtual link. Neighbor Router ID The Router ID of the router on the other side of the virtual link. 184