This chapter covers the following topics:
Special OSPF Areas—Describes how OSPF design uses stub, totally stubby, and not-so-stubby areas to optimize resource utilization.
Configuring OSPF Authentication—Describes the crucial topic of configuring specialized OSPF area types and MD5 authentication for OSPF. It also describes a few basic OSPF show and debug commands, which are sufficient for most verification and troubleshooting needs.
So far, this book has discussed simple OSPF networks and scaling OSPF to enterprise sizes. These discussions have—by necessity—assumed that the network could be built with only network design concerns. Unfortunately, the real world can be messy. Politics and business imperatives often conflict with "best case" design practices, and all designs must assume a hostile environment.
The first part of this chapter looks at some of the special types of OSPF areas and how they help OSPF fit into particular situations. Areas can be stub, totally stubby, and not-so-stubby, and each of these has advantages in some cases.
The second part of this chapter shows how OSPF authentication can "lock down" the routing infrastructure. If an attacker is able to manipulate routers by injecting false packets, he can force traffic to flow past an observer or deny service. Authentication allows OSPF routers to extend trust carefully, instead of indiscriminately exchanging LSAs with any router.
Both topics fit together to help you understand how to take OSPF out of the "perfect world" setting in which it is often presented and fit it into the realities of your enterprise network.
The purpose of the "Do I Know This Already?" quiz is to help you decide what parts of this chapter to use. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.
The 9-question quiz, derived from the major sections in the "Foundation Topics" portion of the chapter, helps you determine how to spend your limited study time.
Table 8-1 outlines the major topics discussed in this chapter and the "Do I Know This Already?" quiz questions that correspond to those topics.
|Foundation Topics Section||Questions Covered in This Section||Score|
|Special OSPF Areas||1–7|
|Configuring OSPF Authentication||8–9|
The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark this question wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.
|1.||Which of the following are not OSPF area types?
|2.||Which of the following are advantages of stub areas over standard areas?
|3.||How are totally stubby areas different from stub areas?
|4.||Which of the following OSPF router types are allowed inside a totally stubby area?
|5.||Which of the following OSPF router types are allowed inside a not-so-stubby area?
|6.||What command is used on routers inside OSPF area 7 if it is a totally stubby area?
|7.||What command is used on the ABR of OSPF area 7 if it is a totally stubby area?
|8.||Which of the following are options for OSPF authentication?
|9.||Which commands are needed to implement plain-text passwords between OSPF neighbors using a password of cisco?
The answers to this quiz are found in Appendix A, "Answers to Chapter 'Do I Know This Already?' Quizzes and Q&A Sections." The suggested choices for your next step are as follows: