Thus, bidirectional communication has been established and the peers are now OSPF neighbors.ĮxStart – In the ExStart state, the local router and its neighbor establish which router is in charge of the database synchronization process. –The 2-Way state indicates that the local router has received a hello packet with its own router ID in the Neighbor field. It means that a hello packet has not been received from the neighbor and the local router is going to send a unicast hello packet to that neighbor within the specified hello interval period.Ģ-Way. This means that bidirectional communication has not been established between the peers.Īttempt – The Attempt state is valid only for Non-Broadcast Multi-Access (NBMA) networks. Init – The Init state is reached when an OSPF router receives a hello packet but the local router ID is not listed in the received Neighbor field. The local router may list a neighbor in this state when no hello packets have been received within the specified router dead interval for that interface. A start event, such as configuring the protocol, transitions the router to the Init state. OSPF Neighbor Statesĭown – Down is the starting state for all OSPF routers. We can see that we did NOT learn loopback3 of the 140E because it is not defined in the access-list therefore it does not match. On the 51E, we can now see that the 51E is learning the 5.5.5.6/32 route which is the loopback2 IP address. Now, we will apply the route-map to the ‘redistribution of connected’ section of the OSPF process config router ospf Set match-ip-address "permitted-connected" Next we will configure the route-map config router route-map Configuring the Access-List config router access-list Now on the command line, we will configure an access-list that will be used to match traffic, a route-map that references the access-list and then tell OSPF to redistribute ‘connected’ routes. Now, we will create the interface that will be the OSPF connection. I recommend that you consider this when deploying in your environment. In our example, we are NOT using Auth for the OSPF. Assign an IP address (normally it is a /32 address). Once in there, select the drop down next to the VLAN selection and change it to loopback interface. Go to Network, Interfaces and select Create New. To enabled the Advanced Routing on the Fortigate, Go to System, Feature Visibility and turn on the Advanced Routing section. * Have connectivity between the 51E and the 140E * Ensure Advanced Routing is enabled under the System, Visibility section of the Fortigate. * From 140E, I want to redistribute only loopback2 which is a connected route but NOT loopback3 which is also a connected route. It is pretty straight forward and if you know Cisco and OSPF, you will be more than fine in the Fortigate world. The Fortigate is capable of doing OSPF, BGP, and RIP from a dynamic routing protocol perspective.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |