Lab 3-5 Debrief Implementing a Scalable Multiarea Network OSPF- Based Solution —3-1

advertisement
Lab 3-5 Debrief
Implementing a Scalable Multiarea Network OSPFBased Solution
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-1
Lab Topology
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-2
Lab Review: What Did You Accomplish?
 Task 1: Examining OSPF Routing Information
– How can you verify the operation of an OSPF routing protocol?
– What can you see by observing the OSPF neighbors, OSPF
database, OSPF interfaces, and IP routing table?
 Task 2: Enabling OSPF Link Authentication
– How is OSPF link authentication between two routers
implemented?
 Task 3: Enabling OSPF Area Authentication
– How is OSPF area authentication implemented on a router?
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-3
Verification
 Did you have enough information to create an implementation
plan?
 Were you able to define the OSPF topology and the contents of
the IP routing table?
 Verify that after link authentication configuration, the adjacencies,
IP routing table, and OSPF database are included into OSPF.
 Examine the OSPF link authentication process.
 Verify that after link authentication configuration, the adjacencies,
IP routing table, and OSPF database are included into OSPF.
 Examine the OSPF area authentication process.
 Verify that when a router with an improper or missing OSPF
authentication is connected to the area, an OSPF adjacency is not
set up.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-4
Checkpoints
 Examine the IP routing information exchanged by routers
configured with the OSPF routing protocol.
 Configure OSPF link authentication on the LAN segment.
 Check the IP routing table and OSPF database to verify that the
adjacency on that link is up and link is included in the OSPF
process.
 Configure OSPF area authentication.
 Check the IP routing table and OSPF database to verify that the
adjacencies in the area are up and the links are included in the
OSPF process.
 Check for the OSPF information in the router where area
authentication is not configured.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-5
A Sample Solution
 The OSPF topology and OSPF operation are verified, along with
the IP routing table, which shows the OSPF routes.
 OSPF link authentication is configured on the LAN segment.
 OSPF area authentication is configured in the whole area.
 MD5 authentication is used as the highest security provided in the
OSPF.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-6
Alternative Solutions
 Different authentication types can be used (clear text instead of
MD5).
 Different areas and redistribution can be used to control the
updates, but they do not provide authentication.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-7
Q and A
 How can you verify the OSPF routes in an IP routing table?
 How many authentication types are supported by OSPF?
 How do you configure OSPF link authentication?
 How do you configure OSPF area authentication?
 Is OSPF area authentication applied to all OSPF-enabled
interfaces on the router where it is configured?
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-8
Summary
 IP routing information exchanged by routers that are configured
with the OSPF routing protocol is examined.
 Simple OSPF authentication is configured between routers on a
LAN segment.
 You do not only deploy OSPF area authentication on each link,
but also in the whole area, for which all OSPF interfaces are
involved.
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-9
© 2009 Cisco Systems, Inc. All rights reserved.
ROUTE v1.0—3-10
Download