[nsp] Securing OSPF

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Wed Jun 23 04:31:54 EDT 2004


sthaug at nethelp.no <> wrote on Wednesday, June 23, 2004 9:52 AM:

>> Perhaps that's it. Most of those type 2 externals are redistribute
>> connected/statics from our T1 aggregation 7200's. The problem I'm
>> seeing (maybe it's supposed to be this way) is that the metric on
>> every one of those externals is 20, whether that subnet is directly
>> connected to the 7200 that's redistributing it (via fast-e), or
>> another 7200 that's one fast e and one DS3 hop away.
> 
> You're looking at the difference between OSPF external type 1 and
> external type 2. Reading up on the difference between those types
> would be useful. 

Well, redistributing statics/connected via externals type 1 doesn't
really help as their metric is zero (and can't be changed). You'd need a
route-map to assign a subnet-specific metric upon redistribution (based
on ACL, for example).

	oli



More information about the cisco-nsp mailing list