- No more than 500 of these routes should be originated through
redistribution.
- R4’s OSPF process should be allowed to use up to 20% CPU utilization before allowing interrupts from higher priority processes.
R4:
router ospf 1
max-lsa 5000
redistribute maximum-prefix 500
process-min-time percent 20
LSA prefix limiting is used to prevent against attacks or misconfiguration in the OSPF, which can affect the normal forwarding traffic of the router. such as full internet bgp table is accidentally redistributed into IGP. also the process-min-time limits the OSPF's CPU usage.
verification:
Rack1R4#show ip ospf
Routing Process "ospf 1" with ID 150.1.4.4
Start time: 00:00:12.492, Time elapsed: 00:12:05.060
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Maximum number of non self-generated LSA allowed 5000
Threshold for warning message 75%
Ignore-time 5 minutes, reset-time 10 minutes
Ignore-count allowed 5, current ignore-count 0
It is an area border and autonomous system boundary router
Redistributing External Routes from,
rip, includes subnets in redistribution
Maximum limit of redistributed prefixes 500
Threshold for warning message 75%
Originating router-LSAs with maximum metric
Condition: always, State: active
Initial SPF schedule delay 100 msecs
Minimum hold time between two consecutive SPFs 1000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Incremental-SPF disabled
Initial LSA throttle delay 10 msecs
Minimum hold time for LSA throttle 4000 msecs
Maximum wait time for LSA throttle 6000 msecs
Minimum LSA arrival 2000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 50 msecs
Retransmission pacing timer 75 msecs
Number of external LSA 21. Checksum Sum 0x127F78
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 11
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
Area BACKBONE(0)
Number of interfaces in this area is 3 (1 loopback)
Area has no authentication
SPF algorithm last executed 00:00:46.804 ago
SPF algorithm executed 4 times
Area ranges are
Number of LSA 38. Checksum Sum 0x2BD18A
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 37
Flood list length 0
Area 1
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:00:53.592 ago
SPF algorithm executed 2 times
Area ranges are
Number of LSA 93. Checksum Sum 0x4D8CD6
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Routing Process "ospf 1" with ID 150.1.4.4
Start time: 00:00:12.492, Time elapsed: 00:12:05.060
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Maximum number of non self-generated LSA allowed 5000
Threshold for warning message 75%
Ignore-time 5 minutes, reset-time 10 minutes
Ignore-count allowed 5, current ignore-count 0
It is an area border and autonomous system boundary router
Redistributing External Routes from,
rip, includes subnets in redistribution
Maximum limit of redistributed prefixes 500
Threshold for warning message 75%
Originating router-LSAs with maximum metric
Condition: always, State: active
Initial SPF schedule delay 100 msecs
Minimum hold time between two consecutive SPFs 1000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Incremental-SPF disabled
Initial LSA throttle delay 10 msecs
Minimum hold time for LSA throttle 4000 msecs
Maximum wait time for LSA throttle 6000 msecs
Minimum LSA arrival 2000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 50 msecs
Retransmission pacing timer 75 msecs
Number of external LSA 21. Checksum Sum 0x127F78
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 11
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
Area BACKBONE(0)
Number of interfaces in this area is 3 (1 loopback)
Area has no authentication
SPF algorithm last executed 00:00:46.804 ago
SPF algorithm executed 4 times
Area ranges are
Number of LSA 38. Checksum Sum 0x2BD18A
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 37
Flood list length 0
Area 1
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm last executed 00:00:53.592 ago
SPF algorithm executed 2 times
Area ranges are
Number of LSA 93. Checksum Sum 0x4D8CD6
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
No comments:
Post a Comment